IMImobile Europe Ltd

Webex Notify

Webex Notify is a cloud based application that allows employees to send customer and internal messages across channels with multiple templates, large contact lists, de-duping and bulk sends. It provides a powerful role-based access control framework to configure the messaging environment, allowing department administrators to define users and templates.

Features

• Simplified multichannel messaging over SMS, Email & Voice.
• Brand compliant message templates with placeholders for personalisation.
• Message scheduling & prioritisation.
• Multiple access with trigger points: web portal, APIs, automated SFTP.
• Multilayer addressbook with contact management, channel preferences, bulk upload options.
• Centralised control with security that adapts to company's organisational structure.
• Role based access control.
• Comprehensive reporting & intuitive dashboards.
• Enterprise grade-control with single sign-on & auditing.
• Designed for large scale interactions volumes with scalable messaging throughput.

Benefits

• Reduce call volumes by sending timely notifications.
• Reduce costs and improve operational efficiency​.
• Improve service and drive customer satisfaction.
• Keep control of your outbound communications.
• Trigger notifications from a simple UI.
• Securely deliver information via messaging.
• Comply with changing regulations.
• Improve customer experience by sending timely notifications.

£2,205 a licence a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at natasha2@cisco.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

393098268315914

Contact

Natasha Deaffern
020 4557 4108
natasha2@cisco.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Webex Notify is a cloud based application designed for large-scale enterprises with stringent security and communication requirements which can be used standalone, or as an add-on to the following applications which together form the CPaaS Suite - Webex Connect, Webex Campaign and the complete Envoy portfolio.
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: None
• System requirements:
  • Web browser
  • Internet connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We try to get back to the client as quickly as we can. We commit to the below SLA for response times. Our response time SLAs are based on the priority of the incident. ; Priority Level 1- Response time- 30minutes Priority Level 2- Response time- 1 hour Priority Level 3- Response time- 6 hours Priority Level 4- Response time- 24 hours ; Note: The response time is the target time from the time an incident report is logged at the Service Desk to the time an initial response is sent back to the Client.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our Standard level of support is included as part of our service offering. This includes access to support via email to our Virtual Network Operations Centre (VNOC) 24x7. The VNOC uses a ticketing tool to automatically raise incidents for any report raised via email. Indicative response and resolution time are: Priority 1 (critical),.A complete outage where the Service cannot be accessed, affecting more than 75% of users - response time- 15 minutes; resolution Time - 4 hours. Priority 2 (Major)- Service affecting or partial outage, including intermittent failures, affecting more than 50% of users Response time- 1 hour, Resolution time - 8 hours Priority 3(Minor)- Minor Service impact on system functions or affecting only single users. No direct impact on full-service availability. Response time- 6 hours, Resolution time- 3 business days Priority 4(Low) - Low impact on the Service or system functions Response time- 1 business day; Resolution time- 1 week. Our Gold level support is available which offers enhanced response and resolution times. Enhanced support requirements should be discussed during the buying process and will be quoted separately.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A Webex Notify account will be created and the log in details will be shared with the Buyer who can now login and access their service. The buyer will have access to purchase activation SKU's which will allow Cisco to provide resource to help dersign and build specific service requirements. The buyer can also access free and chargeable training programs, consisting of online and face to face deliverables to help Buyers move to a self-serve model. We we provide: 1/ Online help documentation 2/ Training sessions and go-live support as agreed with the CSM 3/ In service support and advice to make sure that the Buyer is achieving best value.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: We support users to extract their data when the contract ends. This can be done by the user themselves using the service tools or as an additional service. Service users must raise a ticket through our L1 support team as per standard Operational requests and raise a request for data extraction. IMIconnect supports exporting of data into files that can be ingested into the client’s own systems or data storage locations.
• End-of-contract process: At the end of the contract we follow an offboarding and decommissioning process. We delete customer related, profile related and configuration related data following our disposal policies. Our data-destruction policies and procedures provide strict controls for governing the physical and logical destruction of data storage devices and data. Physical destruction is undertaken by a certified provider under a controlled process, and is fully-logged. Destruction providers are audited as part of our ongoing 3rd party review process. Devices to be re-used are hard-wiped using industry-approved data destruction tools. As part of the end-of-contract offboarding process the Buyer can request extraction or deletion of their data. Where data extraction is to be completed by IMImobile, this activity may be chargeable depending on scope and complexity.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The service interface is accessible through web based GUI and is access restricted. Based on the role, users will be able to access below features available on the service interface: 1. Home page 2. Messages (for creating and managing send message service) 3. Address book (for multilayer contact management) 4. Users & Roles 5. Reporting 6. Message Settings (for managing service configurations) 7. System Settings 8. Help (for user guides and quick guides) 9. Tour 10. Live Messages The web application is accessible only on HTTPS, which means all communication between the browser and server is encrypted.
• Accessibility standards: None or don’t know
• Description of accessibility: We are not fully WCAG compliant. But we do try to follow the guidelines to an extent. To make our platform accessible, we use • Text color contrast is used according to the standards to make information distinguishable ; ; • Keyboard shortcuts for controls (Though there are some keyboard traps) ; • Labels or tooltips on visual elements like icons and imagery (for relevant ones) ; • Distinction in different states of same elements ; • Error handling for all the input fields ; • Hierarchy in the typography, descriptive headings and proper descriptions
• Accessibility testing: We have not completed formal testing with users of assistive technology. However, our interfaces can be tailored in some cases to meet the requirements of users with physical impairments.
• API: Yes
• What users can and can't do using the API: Webex CPaaS products include a comprehensive library of REST APIs and full documentation is available upon request. Our onboarding process includes the agreement and documentation of all service deliverables, including the identification of appropriate APIs. As part of this process we will also provide best practice recommendations on accessing and consuming the data from the API library. Our services are designed to make configuration and customisation as simple as possible with intuitive interfaces which use drag and drop, ‘low code’ tools. This means that users do not usually need to interact directly with the APIs themselves. However, users with the relevant administrative permissions are free to access the APIs and make changes to the ways that the data and functionality delivered via the APIs is consumed. Furthermore, users with relevant permissions can access the API Hub to access resources exposed in a secure way using Oauth 2.0 standards.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Notify can be used as a platform for customised usage through solution design and the rich set of APIs. 1. Custom Branding: Customer can change logo and background image as per customer requirement. 2. Templates can be created for different use cases as per customer need along with support for placeholders, footers to stay on brand. Message delivery hours and anti-social hours can be customised to control schedule for sending messages. 3. Roles & Org Units: Organisation Unit can be created by mimicking enterprise's organisation hierarchy. Custom roles can be created with unique set of menus and permissions such that service access is controlled as per the business requirement. 4. Channel Assets: Users can configure email domain as per their business need and can create originators on their own. 5. Password policy config: Password rules can be configured for users when logging in and changing passwords. Default strong password policy and customisations on top of it are allowed by the users. But all the base configurations will be aligned with Cisco security policy standard.

Scaling

• Independence of resources: The service will allocate a fixed capacity that is agreed with each Buyer. Allocation is controlled automatically by the service platform to guarantee that users aren't affected by the demand other users are placing on the service.

Analytics

• Service usage metrics: Yes
• Metrics types: The service includes as standard a comprehensive suite of management information tools and displays to allow the user to monitor and report on service metrics, including the following: 1/ Agent activity and performance 2/ Inbound and outbound contact demand 3/ Contact volume and outcomes 4/ Campaign performance 5/ Trend analysis 6/ Service activity logs. Service metrics can be customised by the user to meet specific reporting and management information requirements.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export (and import) their data using the standard tools provided in the service interface under permissions control. This can be done as a manual or scheduled activity using the standard scheduling capabilities of the service. Data can also be exported (and imported) automatically under API control.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • SQL Database
  • JSON
  • XML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • TXT
  • JSON
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We guarantee a service availability of 99.95% with our historical performance exceeding this guarantee. As such no service credit or refund process has been necessary or is offered.
• Approach to resilience: The service is deployed over two availability zones (AZ). Each of the AZs can work independently and with full capacity. However, to support High Availability (HA), both the AZs work in Hybrid mode. Therefore, in the case of a failure the service traffic would still be processed. All components are designed with N+1 redundancy (Database with N+N redundancy- primary-primary or primary-secondary configuration; storage with 1+1 redundancy). The service is deployed in active-active mode across two availability zones, so deployment on one zone acts as a disaster recovery for the deployment on the other zone. Proactive monitoring is achieved with traps and alerts setup in various modules not just within applications but also our gateways, application servers, databases and our middleware. Alerts are automatically sent to our NOC which is available 24x7. Technical support looks into these alerts to mitigate issues at an early stage. We also monitor system capacity and analyse traffic to identify any anomalies and identify potential issues.
• Outage reporting: We proactively monitor the service with traps and alerts setup in various modules not just within applications but also our gateways, application servers, databases and our middleware. Alerts are automatically sent to our NOC which is available 24x7. Technical support looks into these alerts to mitigate issues at an early stage. We also monitor system capacity and analyse traffic to identify any anomalies and identify potential issues. Support tickets are created in our ticketing tool (ServiceNow) with service affecting issues reported to users via email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Every user has a unique username and password that they need to enter to login and access the service. We also support integration with Single Sign on (SSO) over SAML. Each user is configured with a set of permissions that restrict access to management information and support channels as required.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI, Holds Certificate Number: IS 736923
• ISO/IEC 27001 accreditation date: 27/02/2024
• What the ISO/IEC 27001 doesn’t cover: Not Applicable
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO 9001:2015

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We are registered with the UK Data Protection/Information Commission registrar. We are compliant to GDPR regulation. We operate a comprehensive IMS (Information Management System) to ensure that all customer data is protected by strong controls against unauthorised access, theft, interception or compromise. This system is implemented as part of our ISO/IEC 27001:2013 processes and operated in-line with PCI-DSS requirements and UK data protection requirements. We confirm that we will comply with Local and other territorial legislation and regulatory controls as required. We understand the risks of storing and processing data in territories with extra-territorial reach (such as the US Patriot Act) and take all measures to ensure the security, availability and integrity of all customer data.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: IMImobile provides its services to clients with scheduled quarterly upgrade cycles. All upgrades go through a defined change management process including a Change Advisory Board (CAB) that comprises technical and business stakeholders. The CAB assesses proposed changes to the service platform which includes the impact on service availability, performance and security. The lifetime tracking of changes to the components of our service is managed and documented within our ISO9001 accredited process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management process assesses potential threats to our service based the following test schedule: monthly internal vulnerability scans, quarterly internal penetration tests and annual external penetration tests carried out by certified third party. Identified threats are impact assessed and prioritised based on severity with patches applied appropriately which could be immediately for severe threats. Information about potential threats comes directly from our testing activity, from our customers and suppliers and our security team who are trained and supported by SANS Cyber Security.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We identify potential compromises using high industry standards such as ASVS and CIS. We utilise a continuous monitoring and analysing Security Operations Centre (SOC) team. Along with this we regularly orchestrate up to date CREST approved penetrations tests and run regular vulnerability scans across our platforms to ensure we have no known exploitable areas. We have an defined incident management process compliant with ISO 27001 requirements. Responsibilities and procedures are in place to handle information security events and weaknesses effectively once they have been reported. Logs and security events are monitored and acted upon by our 24 hour SOC team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: IMImobile has an established incident management process compliant with ISO 27001. Responsibilities and procedures are in place to handle incidents effectively once they have been identified. A process of continual improvement is applied to the response, monitoring, evaluation, and overall management of information security incidents. In case of a failure of our services, it is communicated to the relevant stakeholders with appropriate information. All logs and security events are configured to centralised SIEM solutions and monitored by our 24 hour Security Operations Centre team. Incidents are logged and tracked until closure with full incident reporting and analysis provided.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  IMImobile was acquired by Cisco in 2021. For over 15 years, Cisco has been a leader in environmental sustainability, working to cut emissions, reduce waste, and create efficient products. Its sustainable design ethos is evident in its products, such as smart technologies and telecommuting tools, which help to decrease energy use and travel, thus reducing carbon emissions.; ; The Cisco Foundation has committed a substantial $100 million over ten years to fight climate change by funding technological solutions, carbon and GHG reduction efforts, climate resilience, and green job initiatives, as well as educational programs for communities. Cisco is also refining its supply chain and technology production processes for better ecological outcomes.; ; Globally, Cisco has transitioned to 100% renewable energy in multiple countries, including the UK. The company is close to its goal of using renewable electricity for at least 85% of its energy needs worldwide in 2022 and is set to achieve a 60% reduction in Scope 1 and 2 GHG emissions. Collaborative efforts with suppliers aim to minimise emissions throughout the supply chain.; ; Embracing circular economy ideals, Cisco is on course to design all new products and packaging by 2025 to be circular, with a focus on reuse, repair, and efficiency. Moreover, Cisco is enhancing its product services and take-back programmes, maintaining its pledge for 100% product returnability.; ; Cisco's environmental strategy aligns with its vision for an inclusive future, leveraging innovation for the benefit of communities and the environment. The company transparently sets and reports on its environmental targets, in line with the Science Based Target initiative.; ; Cisco has set a target to achieve net-zero GHG emissions across all scopes by 2040, ten years earlier than the global recommendation. This includes a plan to reach net-zero for Scope 1/2 emissions by 2025, demonstrating its dedication to a sustainable future.

  Covid-19 recovery

  IMImobile was acquired by Cisco in 2021. As the pandemic led to unprecedented shutdowns, Cisco swiftly took action to support the vulnerable, aiding nonprofits that delivered assistance to first responders and those needing food, housing aid, or financial relief due to lost wages.; ; Cisco and its collaborators focused on deploying networking, security, and IoT solutions to facilitate vaccine logistics from manufacturing and delivery to patient care. Quality control is bolstered by AI-driven sensors and cameras that monitor critical variables such as temperature and efficiency, while comprehensive security measures safeguard access to vaccines and sensitive information.; ; Cisco and Meraki extended support to entities of various sizes through technology contributions and adaptable pricing options. Post-pandemic, the working landscape is set to change, potentially leading to reduced traffic, lower environmental impact, and job growth outside urban centers due to fewer people returning to offices full-time.; ; Webex is at the forefront of enhancing remote work, integrating AI and cutting-edge technologies to enable seamless collaboration, including data sharing and large meetings, on a single, unified platform.; ; In partnership with government bodies, Cisco has facilitated secure remote work infrastructures, bolstered public participation, and ensured the continuity of essential services in tough situations.; ; Cisco's efforts have also eased the shift to online learning, supported by its social responsibility initiatives such as the Cisco Networking Academy and collaborations with nonprofits like Talking Points and the MIND Research Institute.; ; Understanding the significance of collaborative efforts, Cisco teams up with organisations like MuralNet, where it contributes financial aid and shares its technical and market acumen to promote the Sustainable Tribal Networks program, emphasising the importance of partnerships in driving substantial progress.

  Tackling economic inequality

  IMImobile was acquired by Cisco in 2021. Cisco's Conscious Culture is a beacon of inclusivity, driving support for diversity, team collaboration, and community outreach. This philosophy is integral to Cisco's mission to empower an inclusive future, particularly for the underserved, using technology to address societal issues such as disaster response, economic inequality, digital access, and the education gap. Cisco's ambitious target, set in 2016, is to impact one billion people by 2025 through grants and CSR efforts, focused on seeding tech solutions via nonprofit partnerships.; ; Cisco prioritises equitable access to technology, nurturing opportunities that foster community development and economic progress. This commitment is evident in support for skill development, inclusive entrepreneurship, and financial services for the unbanked, promoting both local and global economic growth.; ; The Cisco Crisis Response (CCR) team, combining the Critical Human Needs and Tactical Operations teams, provides robust humanitarian support. With a network of over 300 volunteer Cisco employees, CCR extends assistance through grants, technical advice, and emergency network services.; ; Notable achievements of CCR include guidance on tech grant usage, supporting COVID-19 relief with equipment and remote help, building partner capacity, engaging in strategic alliances like the Emergency Telecommunications Cluster (ETC), and empowering Cisco volunteers to make a difference.; ; Cisco's Networking Academy has helped over three million individuals in 2021, and the Pathways Programme offers workshops and work experience to inspire future IT professionals.

  Equal opportunity

  IMImobile was acquired by Cisco in 2021. At Cisco, inclusion acts as a bridge, connecting diverse perspectives and fostering innovation through digital transformation. By investing in our people, we're developing innovative solutions to critical business challenges and reinforcing our commitment to equity and diverse talent development. We’re cultivating emerging leaders and embracing technology to create inclusive spaces while advocating for social justice globally.; ; Cisco is committed to diversity, equity, and inclusion, starting with leadership. Our executive leadership team is one of the most diverse in the industry, with 46% women and 54% representing a mix of genders and ethnicities. Our Board of Directors is also diverse, with 36% women, and ethnic representation including 9% Asian, 9% African American or Black, and 18% identifying with diverse sexual orientations.; ; Reflecting on our fiscal 2020 data, our global workforce was 27% women, while in the U.S., ethnicities included 51.8% White, 36.5% Asian, 5.8% Hispanic/Latinx, and 4.1% African American/Black. We continue to see growth in workforce diversity, notably in the recruitment of African American/Black talent across various levels.; ; Cisco's new strategies for enhancing diversity involve innovative talent acquisition frameworks, such as advanced tools for talent market analysis, crafting job postings to attract diverse applicants, and ensuring diverse interview panels.; ; We stand firm in driving social change for all communities, regardless of color, ethnicity, gender identity, military service, ability, age, sexual orientation, social class, faith, nationality, or family status. Cisco has pledged to CEO Action for Diversity and Inclusion and outlined our Social Justice Beliefs, including addressing systemic racism with an antiracist stance.; ; We uphold fair compensation as a founding signatory of the White House Equal Pay Pledge and through our leadership in the Employers for Pay Equity Consortium. Cisco also employs a comprehensive framework for analysing our compensation system to promote pay equity.

  Wellbeing

  IMImobile was acquired by Cisco in 2021. At Cisco, we prioritise our employees' well-being, advocating for a safe and supportive work-life balance. We believe that recognising individuals for their uniqueness and promoting harmony between professional and personal life leads to greater productivity and community contribution. Our goal for 80% employee involvement in community outreach was reached in 2020 and maintained in 2021, with over 85% of UK & Ireland employees participating.; ; As a Responsible Business Alliance (RBA) founding member, Cisco enforces the RBA Code of Conduct with our suppliers, ensuring they uphold human rights, health, well-being, and economic opportunities. Suppliers' compliance with our standards is rigorously evaluated.; ; Cisco supports employee well-being through various initiatives:; • Regular company-wide meetings for check-ins; • Team Space for weekly leadership updates; • Functional and regional all-hands gatherings; • Quarterly leadership and dedicated Leader Days; • 'We are Cisco' digital community platform; • 'A Day for Me' providing paid leave for employees to rest; • 29 Inclusive Communities with a range of resource groups and networks; ; Our commitment to a supportive work environment has earned Cisco top accolades. In 2022, Fortune's 100 Best Companies ranked us as the number one Best Place to Work across multiple countries and second-best in the UK and Ireland. Our inclusive culture empowers employees to focus on their well-being, navigating through times of change.; ; For the second year in a row, in 2023, Cisco UK was honoured as the best workplace for well-being in the super large category (https://www.greatplacetowork.co.uk/awards/uks-best-workplaces-for-wellbeing-2022/), reaffirming our dedication to fostering employee health and happiness.

Pricing

• Price: £2,205 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at natasha2@cisco.com. Tell them what format you need. It will help if you say what assistive technology you use.