YUDU Sentinel

Sentinel Hotline

Automated Cloud based information lines for people to call in an incident. Reporting hotlines for messages and a message handling console. Deliver crisis updates by simply typing a message with AI conversion to Voice. 27 languages supported. A low cost call centre.

Features

• Handle over 1.2 million calls per minute
• Convert text updates into voice messages
• Automatically deliver updates - subscribe to receive text updates
• Voicemail management system redirects voicemails to the response team
• Switchboard for Hotlines - by location, office, department, or product
• Translate your text updates into voice updates in 22 languages
• Optional PIN protection for private or internal hotlines
• Cloud management dashboard and alerts for administrators
• Statistics and data available for post crisis review
• Breaking news ticker feed for websites

Benefits

• Lower crisis stress as anybody can be immediately informed
• Avoid the call-centre overload in a crisis
• Instant information: callers don't wait in a queue
• Easily subscribe to Hotlines to stay informed
• Use ‘breaking news’ ticker feeds to keep people updated
• Divert your existing numbers to Hotline in a crisis
• Easily manage and prioritise Voicemails
• A trusted source of information in a crisis

£450 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@sentinelresilience.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

336728965451343

Contact

Charlie Stephenson
+44 7960252055
enquiries@sentinelresilience.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: No
• System requirements:
  • Access via Microsoft Edge browser and other modern browsers
  • IOS 10 and/or Android 4.4 or higher (option apps)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are set out in the Sentinel Service Level Agreement and deals with critical responses with a 2 hr 24/7 response time and tiered for lower level responses. Automatic alerts are 24/7. General queries about the system and training plans are dealt with within the same working day. We currently do not offer support for training and general enquiries at weekends.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Undertaken by Hubsopt
• Onsite support: Yes, at extra cost
• Support levels: Response times are set out in the Sentinel Service Level Agreement and deals with critical responses with a 2 hr 24/7 response time and tiered for lower level responses. Automatic alerts are 24/7. (Full detail available) All clients have an account manager who can help them with technical issues and a further support from the Technical Support Team. This customer support team is UK-based and highly knowledgeable.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The onboarding process will train any customer operatives and configure the system to suit each organisation. The system will be fully tested with the Client's environment before release. This is a fully developed process and is designed to get clients operational in the shortest possible time. Sentinel Hotline is designed from the start to be intuitive and easy to use and the user interface kept as simple as possible.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: At the end of the contract all outstanding licence and usage fees due up to the termination date are settled by the customer. YUDU will accept instructions from the client at no cost to the customer for the return or destruction of any content, intellectual property and remove any apps installed on 3rd part sites that have been managed by YUDU.
• End-of-contract process: The service access is removed, data is hard-deleted or returned to the customer via csv and any outstanding invoices will need to be paid.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All functions are replicated on mobile and desktop. There are no differences.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Cloud based platform with an administrative dashboard that displays all functions in a single view.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Access to the API requires a full Sentinel system which will be available from a url provided to you by YUDU at the time of deployment. Through our API, you can: Requesting the App directory Creating a user Creating a contact Creating a group Assigning a user to a group Getting a groups users Assigning a contact to a group Requesting a list of documents Assigning a document to a user Getting a users documents Creating a broadcast Sending a broadcast Checking recipients and broadcast status Checking system activity Some API activities require an API token for access.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The platform can be white labelled with your organisation's branding. You also control which features are used by whom and have full control over permissions. Users fill in their own profiles with their information.; ; PIN protection can be added and the voicemail function can be switched on or off. This can be done with the click of a button on the dashboard by anyone with administrative rights.

Scaling

• Independence of resources: Each number is dedicated to individual clients and are entirely separate from each other: they can each handle 1.2 million calls a minute.; ; It is hosted on AWS with expandable server capacity that is scalable to match demand. It is not anticipated that any client will be impacted by the activity of another.

Analytics

• Service usage metrics: Yes
• Metrics types: - Number of inbound calls; - audit trail of hotline update recordings; - management of voicemails left by callers (handled and unhandled, flagged and unflagged); - average call duration; - number of minutes used (per month and in total); - how many people are currently on the call
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: As a downloadable csv file. Users can also access their account through a login page, enter their own data and choose if they want to make it accessible to others in their organisation or just admins.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We can guarantee a 99.99% SLA. If we do not meet that, clients are given a partial refund.
• Approach to resilience: Our servers are hosted on AWS and mirrored in separate zones for immediate switchover if an AWS zone fails making them independent and secure. Backups are taken daily and snapshots every 5 mins. Further information is available on request.
• Outage reporting: 1. When downtime or service degradation that will negatively affect sentinel or publisher clients is detected, initial updates will be provided on the Sentinel status page and Sentinel operations twitter account. The operations team will update the hotline ticker-tape status through our internal sentinel system which will be embedded on the yudu status page webpage. Support@Sentinelresilience.com com email address should customers wish to raise a support ticket to discuss the issue further. 2. If system is affected for longer than 2 hours, we initiate an outward communication from the sentinel system to the affected group via email and SMS channels. 3. We keep communicating updates on system outage every couple of hours from then on with progress on remediation.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Sentinel Hotline is a cloud based service that has 2 levels of management access. A restricted and named number of security cleared YUDU developers have admin access to maintain and fix issues on the system. User access to the client management interface is controlled by the client account holder and governed by 2 factor authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: Originally accredited on 6th September 2019, and renewed in 2020, 2021,2022 and 2023
• What the ISO/IEC 27001 doesn’t cover: A.10.1 Cryptographic controls: A.10.1.1: Policy on the use of cryptographic controls A.10.1.2: Key management A.11 Physical and environmental security: A.11.1.5: Working in secure areas A.11.1.6: Delivery and loading areas A.14.2 Security in development and support processes A.14.2.7: Outsourced development A.18.1 Compliance with legal and contractual requirements A.18.1.5: Regulation of cryptographic controls
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 01/01/2016
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: We are with AWS, who are CSA STAR accredited.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Data privacy is managed by the Data Protection Office who reports directly to the CEO. Security Policies are reviewed quarterly by the Board and updated using version control system. All updated policies are available to employees in the company app. Penetration testing is conducted at least every 12 months. The INFOSEC policies are created and enforced by the Yudu Information Management Security Group which forms part of our ISO 27001 audit. Quarterly Business Continuity Plan tests are conducted quarterly and reports generate with lessons learned. YUDU runs an online security incident reporting system and change management system which are reviews on a 6 month basis.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The processes are set out in the Sentinel Secure Development Policy. Any change to the configuration of the system requires change management authorisation and any changes are logged on the online change management system. Software releases go through an automated test suite including DAST and SAST tools followed by manual interface test and peer review. Software releases are made every 2 months on average.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: AWS Guard Duty is deployed across the Sentinel server estate which monitors unusual activity. We use AWS Cloudtrail to monitor AWS access and usage with the requisite alerts. Github's Dependabot tool is used to alert for any known vulnerabilities. Patches are deployed with assessed critical patched are deployed immediately. Laravel Enlightn which is used in the internal development environment. Potential threats are also reviewed as part of the ISMS team. Cyber threats are assessed and advice from multiple sources including our cyber consultants network and the National Cyber Security Centre. Critical patches are deployed within 24hrs of notification or discovery.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our development team run network scans which may identify a potential compromise. The data is encrypted at rest and access is by 2 factor authentication: any unusual activity including data transfer is monitored. When a potential compromise is identified, the in-house YUDU Sentinel crisis management system is activated and used to immediately alert the incident team and set up a conference call with the response team. The next steps and responsibilities are decided on the call and the actions monitored on the system throughout the incident. Response times vary from minutes for a cyber attack to 4 hours.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The YUDU Incident Management Process document sets out the framework of the incident response. Our in-house YUDU Sentinel system is used to alert staff of a problem and check the status of all employees. The actions taken next will follow the protocols set out in the IMP document and Business Continuity Plan. Staff have off-line access to through our Sentinel App. The senior leadership team communicate next steps through Sentinel communication channels.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Wellbeing

  Fighting climate change

  Sentinel Hotline communicates without any paper and therefore reduces the harvesting of trees and saves the energy that goes into paper production and transportation. In 2025 our data centre is on track to be powered by 100% renewable energy.

  Wellbeing

  Hotlines have a remarkable benefit to wellbeing in a crisis. The use of hotlines enables people to find out without delay what is happening, with no queue waiting on phones. It is the absence of information that causes considerable stress in a major incident. Hotline fills this information vacuum with little effort from the crisis team.

Pricing

• Price: £450 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full access to information hotlines and reporting hotline, 1 month trail, 2 hotline numbers.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@sentinelresilience.com. Tell them what format you need. It will help if you say what assistive technology you use.