TALKTALK BUSINESS DIRECT LIMITED

SOGEA & FTTP

A low-cost, high-speed internet access service, perfect for customers to use as an underlay to a large wide area network, or as a single site solution where customers want the freedom to provide their own CPE or as part of an SD-WAN solution.

Features

• Fast internet speeds
• FTTP is direct from the exchange
• No copper required with FTTP
• Future Proofed
• No signal degradation with fibre
• No phone line needed with SoGEA
• SoGEA replaces traditional full copper services
• Helps navigate 2025 PSTN switch off
• Enhanced Care packages available
• Ease of transition

Benefits

• Improved productivity
• Minimal signal loss
• Fibre improves stability of service
• Consistent performance
• Low latency makes these services ideal for real-time applications
• Can handle further industry demands
• Improves activities, like cloud backups and video uploads
• Provides the fastest speeds possible
• Increases the quality of using cloud services
• Environmentally friendly eliminating signal boosters with Fibre

£25.95 a transaction a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.stokes@talktalk.business. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

368406658452617

Contact

Andrew Stokes
07976911843
andrew.stokes@talktalk.business

Service scope

• Service constraints: The services described are ‘data only’ meaning there are currently no voice services included.; ; The CPE used with the SOGEA product is currently not capable of Wi-Fi. If this element is required, customers would need to provide access points across their estate.; ; Currently FTTP is a “wires only service”, which means that TalkTalk Business delivers the connectivity only to the customer’s premises. Any hardware required as CPE, would need to be provided by the customer.
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All questions and queries will be acknowledged immediately upon receipt and we will endeavour to respond as quickly as possible during the working day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Fault Tickets may be logged 24 hours, 7 days a week, 365 days a year.; ; TTB will be responsible for the initial fault investigation. We offer two care level options to suit your business needs and budget requirements. These include a 48 hour repair SLA and a 24 hour Enhanced repair SLA.; ; 48 hour SLA – Included as standard; ; Fix by 23:59 at the end of the next working day, Monday to Saturday (excluding public and bank holidays).; ; Example: Fault reported at any time between 00:01 – 23:59:59 on Tuesday would have a commitment time of 23:59:59 on Wednesday.; ; 24 hour SLA ; ; Report by 13:00, fix by 23:59 same day; Report after 13:00, fix by 12:59 the following day; Monday to Sunday (including public and bank holidays).; ; Assurance Tickets can be raised via 1Portal, by sending an email to our Assurance team on: support@virtual1.com or calling us on 0344 884 0800 (opt 2).; ; All support levels detailed above are included as standard within the Service Contract. ; ; All customers will be allocated a named Account Manager who will have a team of dedicated Technical specialists that will support on any customer requirements.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: TTB will supply a summary of agreed pricing and order confirmation, a copy of your contractual agreement and a Service Description for the product ordered. Training is provided by training documentation and tutorials. ; ; We require the following information:; ; • Telephone Number/CLI; The telephone number you would like to port.; • Communications Provider ID; Also known as CUPID; • Number Portability Porting Code; • Priority Process: Fixed; The fixed port is initiated upon KCI3.; • Change of Retail: Yes, 10 Working day lead time mandatory for the switch; ; After a circuit has been installed, our Provisioning team will run a service test to ensure the service is ready for handover. This is completed within 24 hours of service activation/ KCI-3. The customer will receive an email upon handover.; ; A CPE needs to be plugged in to ensure the test provides an accurate result, otherwise we will only be able to test the line is working rather than the full service being in sync on the router.; ; Depending on the Service Test outcome, we will either book in an Openreach engineer for an external assurance visit or contact the customer to book in an engineer for a customer end assurance visit.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of a customer’s contract, TTB has a cease process in place. All cease requests must be received by email from the customer with a completed Cease Request Form, if required, this will then create a case within Salesforce.; ; The Customer Service Team will query the address on the Cease Form to confirm that it matches the address held on our records. Should the customer require access to data upon exit, a full inventory in the form of an ASR report will be provided to the customer, which will include an up-to-date asset list, including site addresses, post codes, bandwidth, router types, software versions and monthly costs via the customer’s Account Manager.
• End-of-contract process: At the end of a customer’s contract, TTB has a cease process in place. After your minimum term, you can end the contract or any connection forming part of a contract by giving 40 days’ notice. Any equipment remains the property of TTB and, upon termination of service, should be returned to us as requested. All cease requests must be received by email from the customer with a completed Cease Request Form, this will then create a case within Salesforce.; ; The Customer Service Team will query the address on the Cease Form to confirm that it matches the address held on our records. Once confirmed the cease process will begin.; ; The exit plan, developed by the Account Manager with the Customer to ensure a smooth handover, will be provided by email and followed up with a phone call to answer any queries or highlight any missing information. The plan will cover:; •Options for asset acquisition by Customer; •Transfer of service/supply contracts; •Licence terms for IPR; •Data transfer; •TUPE; •Transition and handover planning; •Exit plan review and update; ; Provided the minimum contract term has expired and payment is up-to-date, no further charges or additional costs will be payable by the customer.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: SOGEA/FTTP Is provided on an individual customer basis and is not a shared resource. The contracted bandwidth for each customer is supported by an uncontended, high capacity, backhaul network which can support all customer requirements, nationwide. This ensures increased demand at peak times still doesn’t impact user demands.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: PlatformX Communications Limited (PXC)

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: TTB measures performance across the Network and any services provided by any Third-Party Operator are outside the scope of this.; ; Internet Access Platform Matrix Target Service Level Agreements ; ; • Network availability 99.99% ; • Network roundtrip latency < 30ms ; • Network packet loss < 0.1; ; Regarding refunds where an SLA is not met, agreed customer service credits will be applied and paid in line with customer contracts.
• Approach to resilience: The focus of the network is where the vast majority of business sites are. We have an 800GB super core fibre network to handle the demand around the capital with two 400GB fibre rings around the major populated areas of the country and several 100GB rings around less populated regions, all of which has a high capacity backhaul to the core network. ; ; Our core network is highly resilient - multiple nodes and high levels of redundancy with 99.99% availability. We offer Network and Openreach (R02) resiliency options to prevent single points of failure.; ; The datacentres combine tier 3 high-availability with very low additional energy use in the cooling and power system, resulting in an annualised PUE of less than 1.3 within an IL3 security environment.; ; The systems employed ensure that our datacentres are highly scalable, ensuring an unusually low PUE at low IT loads as well as when the facility is at its maximum capacity. This results in a carbon footprint that is nearly half the industry norm.; ; Based in a multi-layered security complex with multiple levels of redundancy at both a power and network level, this facility ensures service continuity for customers hosting their equipment.
• Outage reporting: TTB has an Integrated Operation Centre (IOC) that will send the Incident Communication as per the Major Incident Communications Content & Distribution Lists document via email alerts.; ; TTB will prioritise the incident according to the criteria and record the appropriate value for each of the following categories: ; · Service ; · Incident Type ; · Work Type ; · Reported Source ; · Product Categorisation Tier; ; Our Internal and/or External Communications teams will send an email to all recipients in the Major Incident Communications Content & Distribution Lists document, describing: ; · Impact ; · Symptoms ; · Manual workaround (if available) ; · Instructions or additional information for customers and/or agents (if available); · Provide a progress update; ; Email alerts will be provided in the event of a major service outage (MSO).

Identity and authentication

• User authentication: Other
• Other user authentication: N/A The service does not require user authentication.
• Access restrictions in management interfaces and support channels: The Internal Network and Security Team has access and is responsible for user access management. The level of access is based on the principle of 'least privilege' and only those members of staff who need access will be granted it. We have a formal Joint Movers and Leavers process with role-based access governing the majority of applications and systems. Access is removed within 24hrs of an employee leaving the business. Recertification of user access is completed bi-annually.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 21/09/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SecureTrust
• PCI DSS accreditation date: 21/08/2021
• What the PCI DSS doesn’t cover: The service doesn’t require card payment facilities/capabilities so is not applicable to PCI DSS.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: TTB has a Master Security Policy in place and operates an Information Security Management System via its Security Operations Centre (SOC) for the reporting of all potential security breaches. The system is based on industry good practice (NIST CSF, PCI DSS) and is externally certified to ISO 27001. This covers a range of policies and procedures to ensure the confidentiality, integrity and availability of information, e.g., Master Security Policy, the Privacy Policy and the GDPR Policy.; ; The reporting of any security incidents is done directly to the Security team security@talktalkplc.com via the phishing report message button in the email toolbar. All incidents logged will go into the Security Team to process and escalate into the Head of Security, if required. All colleagues attend mandatory annual security training to ensure we they meet audit standards around data handling requirements and encourage them to share the responsibility to for protecting data at all times.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change management is assessed, logged, and tracked through our Service Management tool, from the point at which we raise the initial change request until that change is closed off.; ; Quality comes as standard throughout the change process, with everyone involved in this process having the requisite training. Managers of teams carrying out changes will be accountable for the quality of the work undertaken by their teams. There is zero tolerance for unauthorised changes.; ; Security impact will be assessed through a risk assessment and structured model to ensure all risks are captured and clearly identified.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The Network Security Team conducts security scanning of all our infrastructure on a bi-weekly basis. We also conduct weekly threat and vulnerability scanning of all our network assets via InsightVM. Critical/high risk vulnerabilities patches will be applied within 14 days. All other updates are applied as soon as possible using a monthly patching cycle. Security updates will be assessed and prioritised based on threat level, likelihood of compromise, consequences of compromise, environmental characteristics and regulatory or accreditation-based requirements. We receive information about potential threats from InsightVM from weekly scanning and we use Altiris for Patch Management.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: TTB operates a security incident management program for the alerting of potential compromises and deploys endpoint protection technology. All potential compromises will be logged on the action plan tracker and updated with notes/associated actions to mitigate risk.; ; Users can report Priority level 1/level 2 incidents by telephone, and a response will be given within 1 hour. Incidents can be reported by email/web portal. ; ; Incident reports are provided upon request. For network incidents, these reports are distributed to impacted customers via email. Reason for Outage reports for priority 1 faults are provided by email within 10 working days from root cause.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a pre-defined process for common events and fault related reporting through our 24/7 Technical Support Centre (TSC).; ; User can report Priority level 1 and level 2 incidents by telephone (08454566541/08453103444) and by email/web portal. ; ; Incidents, when resolved, will be notified to the customer as part of the logged ticket fault. Reports will be provided upon request for network incidents, and these reports distributed to impacted customers via email.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: We follow and implement (where possible) all initiatives recommended in the EUCoC, including (but not limited to) the following:; • Air flow management; • Hot/cold aisle configuration; • Regularly reviewing cooling settings (increased temperature/disabling humidity control etc.); • Selecting high efficiency plant and equipment ; • Comprehensive energy monitoring; • Decommissioning of redundant platforms and consolidation of systems ; • Accreditation to ISO 50001; ; Audits are held annually to ensure compliance and adherence to the EUCoC.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The TalkTalk Business’s Executive Committee meets regularly to review identified and emerging risks, which inform our strategic planning process. This is reviewed by the Board, which has identified and is monitoring emerging risks around the long-term implications of climate change and will be featured in upcoming climate-related financial disclosures. ; In November 2020 TalkTalk Business committed to a Science Based Target (by signing the Business Ambition for 1.5 Degrees) for its carbon emission reductions, to achieve net zero by 2050. Since then, our near-term targets have been validated. ; Key actions include:; • Switching to a renewable electricity tariff, which we have completed, and switching to green gas by 2026; • Changing from diesel to biofuel for back-up generators, to be completed in 2024. ; • Company car policy requiring all fleet vehicles to be petrol, hybrid or electric. Transition has commenced, with initial EV orders placed for the fleet ; • Third party environmental policy with requirements to measure and report carbon footprint and specific product carbon footprint – as of 2023, over 80% of our suppliers have committed to, or set, science-based targets. ; TalkTalk Business has reduced scope 1 and 2 emissions by 94% over 5 years (FY18-23) and reduced energy in its operations by 23% in the same time period. ; TalkTalk group has science based targets to reduce scope 3 emissions by 42% between FY20 and FY30.

  Covid-19 recovery

  The COVID-19 period challenged TalkTalk Business, and during lockdowns, mitigations included: ; • Measures to ensure the health and safety of our workforce and customers whilst we continued our provision of critical services. ; • Focusing on employee wellbeing by introducing training for People Managers, implementing new guidance around wellbeing support and regularly surveying colleagues on their wellbeing to inform our policies. ; • Prioritising service of customers with vulnerable end-users and enhancing our digital service support for all customers ; • Working with key partners to expedite home-working solutions for customers to ensure they could continue to operate effectively. ; ; We adapted our corporate responsibility work to tackle acute needs and support the most vulnerable in society. We made donations to local efforts to counter exclusion and vulnerability due to the pandemic, including: ; • Salford Food Share Network to provide emergency food support; • Donating laptops to Salford College to support home-learning. ; • Working with local charity the Hamilton Davis Trust to support the production of Personal Protection Equipment for local health workers, providing financial support and office space to their operations for several weeks. ; ; Post COVID-19, we turned our attention to how we could help our customers and communities to recover: ; • We worked with Salford Community & Voluntary Service and NHS Salford to fund a Youth Wellbeing Fund, which offered funding to projects aimed at boosting wellbeing; • We offered free broadband to jobseekers via the DWP; ; To continue supporting post-pandemic recovery, we are helping organisations focused on reducing isolation and loneliness. For example, we provide connectivity to The Branch free of charge, which supports their Computer Corner, through which they support service users to develop online skills. We also provide a dedicated leased line to The Samaritans Manchester branch at no cost, allowing them to manage inbound calls more effectively.

  Tackling economic inequality

  As well as paying our colleagues the real living wage, our commitment to good employment, previously as part of the wider TalkTalk Group, has been recognised by the Greater Manchester Combined Authority, as we were accredited as a Member of its Good Employment Charter. To achieve membership status, we took part in a thorough assessment, which was reviewed and approved by a technical review panel and Charter Board. We offer employees training with clear development paths that address skills gaps and result in recognised qualifications to support further career ambitions. ; ; We are proud to be a Salford business committed to building strong connections within our city. We’ve been involved in initiatives to promote social wellbeing and economic growth in the region, including: ; • Working with the Department for Work and Pensions (DWP), supporting local employment initiatives and hosting virtual jobs fairs for vulnerable demographics. ; • Participating in the Kickstart scheme to offer paid placements to young people, with 3 of the young people securing permanent roles within TalkTalk Business. ; • Our Employee Networks partner with local organisations like the Proud Trust, Salford Pride and the University of Salford, and we promote local volunteering opportunities to our colleagues, including trustee positions in local charities. ; ; We will develop working practices and partnerships with activities to support relevant sector-related skills growth in the contract workforce during the Framework. ; ; For example, we currently provide connectivity to The Branch, free of charge, which supports their Computer Corner, through which they help service users apply for jobs and learn computer skills. We also provide a dedicated leased line to The Samaritans Manchester branch at no cost, allowing them to manage inbound calls more effectively, and providing a lifeline to people struggling to cope with socio-economic and personal challenges.

  Equal opportunity

  TalkTalk Business celebrates diversity and is an inclusive place to work, treating everyone fairly with diverse representation at all levels and areas. There are no barriers to progression and appointments are based on merit. ; ; Our programmes to promote equal opportunity include: ; • Women in leadership roles - we have strong female representation right at the top; and have set aspirational targets when recruiting women, with a particular emphasis on middle and senior leadership. As a result, our proportion of women in these roles has grown over the last 12 months. We seek formal development paths for our female talent and participated in a ‘Women in Leadership’ apprenticeship programme that was created in partnership with the apprenticeship provider, Raise the Bar. This saw a 70% increase in promotions for participants. ; • We provide support for Ambitious about Autism, the national charity standing with autistic children, young people and their families. As part of the pioneering internship programme, Employ Autism, we have recruited interns to teams across the business, in roles from regulation to procurement and commercial. ; • We publish our Gender Pay Gap report annually. Our mean pay gap of 10.4% has reduced from 12.9% in 2019. This reduction has been due in part from promoting female talent. ; • As part of TTG, our employee networks were very successful. Our BAME employee network, Empower, mentors young black students at the University of Salford, responding to higher than average drop-out rates. This has had a positive impact in its first year. At TTB, we are looking to continue this success by establishing our own employee network groups. ; ; As part of TalkTalk Group we’ve previously achieved the ‘Inclusive Top 50 UK Employers List’ for best practice across all strands of diversity.

  Wellbeing

  Initiatives to support the mental and physical wellbeing of our workforce (which we will continue during the framework) include: ; • Our Give Something Back policy offers three paid volunteering days per year and encourages local volunteering to promote community connection. We are currently organising a ‘donate your time and talent’ programme to support local care homes during Dementia Awareness week in May 2024.; • Our Wellbeing Community employee network shares resources and hosts events on physical and mental health and wellbeing, e.g. discussions on male mental health. Network members are champions across the business, creating blogs, interviews and podcasts about wellbeing. ; • We recognise mental, physical, financial and social risks for various roles and offer employee support resources; • Employee Assistance Programme with free 24/7 access to advisors or website resources in app form, which has been very positively received. ; • A Financial Wellbeing Portal helps colleagues to manage and monitor their financial health. ; • Employer contributed Private Medical Insurance offered to all colleagues, along with Digital GP service and regular wellbeing Webinars from provider Aviva.; • Hardship loans to support colleagues with short term no interest loans in times of financial crisis. Our employee forum, OneVoice, includes quarterly Health, Safety and Wellbeing meetings to ensure colleague confidence in our processes.

Pricing

• Price: £25.95 a transaction a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.stokes@talktalk.business. Tell them what format you need. It will help if you say what assistive technology you use.