CW Squared Ltd

Voice for Microsoft Teams

Leverage your investment in Microsoft Teams to bring enterprise-grade network and resilience to your business voice communications, whilst enjoying significant cost savings compared to Microsoft calling plans and allowing you to extend the value of your existing 365 licence fees.

Features

• Integrates telephony natively with Microsoft Teams
• Deployed in the cloud
• Integrates with business applications such as CRM
• Removes key obstacles associated with 3rd party communications solutions
• Direct Routing integration with no bots or plugins
• Comprehensive analytics with full insight into calling quality and performance
• Global PSTN connectivity: free calls in up to 38 countries
• Number porting: keep the same geographical number wherever you are

Benefits

• Never miss a call: tailored enterprise-grade business continuity
• No on-premise SBC equipment or expertise required
• Fully managed service with a single dedicated contact
• Significant cost savings compared to Microsoft's limited calling plans
• Online access to business insights such as call handling efficiencies
• AI-powered reporting and analytics via Power BI
• Robust quality of service and service level agreements
• Fully managed service with a single dedicated contact
• High availability and 24/7 helpdesk
• Enhanced user experience without leaving the familiar Teams interface

£8.50 a user a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public.sector@cw-squared.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

534848486461304

Contact

Public Sector team
020 7167 4349
public.sector@cw-squared.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft Teams E1-E5
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • Microsoft O365 E1-E4 licence + Microsoft Phone System licence
  • Microsoft O356 E5 licence (Microsoft Phone System licence included)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Service level targets - Feedback Timescales; Severity Level - Response Time; P1 (Critical) - 30 Minutes (max); P2 (High) - 60 Minutes; P3 (Non-critical) - 4 Hours; ; Service level targets - Resolution Timescales; Severity Level - Response Time; P1 (Critical) - ASAP; P2 (High) - One Day; P3 (Non-critical) - Five Days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have assessed our web chat against GDS standards via a dedicated accessibility testing report.
• Onsite support: Yes, at extra cost
• Support levels: We have a single level of support provided to all clients. All support fees are included within the monthly license fees. All clients are assigned a technical services engineer to manage their project through to successful deployment. Post deployment, we have four tiers of support that will assist with all questions or queries. The Technical services team will assist with any major changes to business processes and deployment/training of new features.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All solutions are deployed by our fully trained technical services engineers (TSE) who will manage the deployment project from start to finish. The TSE will provide onsite and / or remote training supported by documentation and knowledge base articles held on the support desk portal.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The solution has simple data download processes built into the interface. Therefore, a user with sufficient admin permissions will be able to extract the client data when the contract ends. If necessary, the support team can upload the requested data to a secure FTP service chosen by the buyer.
• End-of-contract process: At the end of the contract the buyer's recordings and data can be uploaded to a secure FTP site of the buyers choosing.; Once the buyer has confirmed receipt the buyer's system will be securely purged of all software and associated data.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Browser based console to allow user management, config, etc.
• Accessibility standards: None or don’t know
• Description of accessibility: Configuration is available to users via a browser interface, which can use assistive technologies
• Accessibility testing: None - the interface is configuration only
• API: Yes
• What users can and can't do using the API: REST APIs
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Configuration is available to end users and supervisors

Scaling

• Independence of resources: Solution is highly scalable and hosted by a combination of Amazon Web Services UK and Oracle Cloud. Highly available and scalable connectivity is provided by Aryaka SD-WAN

Analytics

• Service usage metrics: Yes
• Metrics types: Monthly summary call statistics and spending is sent via email to nominated users. CDR extracts can be emailed or uploaded daily to secure FTP if required.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: 8x8, SCB Global, Wavenet

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: All hosting is cloud based. All virtual disks will be specified as encrypted. The cloud provider will implement physical access control.
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data exports can be done manually through the service interface by users with sufficient security privileges. The exported data will be provided in comma delimited csv format. Any call recordings will be provided in mp3 format.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats: Data can be uploaded via the OpenAPI

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.95% availability target with service credits.
• Approach to resilience: Multiple SIP trunks and PSTN carriers so that the service is not dependent upon a single carrier. Hosting in cloud data centres (AWS and Oracle cloud) with failover.
• Outage reporting: Any outages are reported via email alerts, plus a public dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access can be locked down to specific IP ranges and requires username/password over TLS. Standard Microsoft role-based access controls.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • CyberEssentials
  • Our suppliers hold ISO27001 and PCI certifications

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our solutions provide an ISO 27001 information security management system (ISMS) providing a management framework of policies and procedures that will keep your information secure, whatever the format.; ISO 27001 certification demonstrates that we have identified the risks, assessed the implications and put in place systemised controls to limit any damage to ourselves as an organisation and any of our customers.; We take internal and customer data security as paramount when we implement and manage systems.; Monthly audits take place to ensure ISO 27001 compliance with all results reported to the senior management team.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Each change is initiated as a Request – better known as a "Request for Change (RFC)”. This request will also serve as a record and as evidence that a particular change has been requested. The change can be initiated internally or externally, and will be registered in a specific form on the support portal.; The RFC is received by a person who is responsible for analysing it, so this person is the first filter. This person is responsible for studying the details of the request and identifying the potential impact to the business, including economic and information security impact.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We use OWASP, Open Web Application Security Project, tools to perform vulnerability testing. The OWASP method is based on the black box approach. The tester knows nothing or has very little information about the application to be tested. Once a potential threat is identified it is sent through the RFC process to ensure we follow our processes and anything that has a business critical impact is addresses as a top priority.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use OWASP, Open Web Application Security Project, tools to perform vulnerability testing. The OWASP method is based on the black box approach. The tester knows nothing or has very little information about the application to be tested. Once a potential threat is identified it is sent through the RFC process to ensure we follow our processes and anything that has a business critical impact is addresses as a top priority.
• Incident management type: Supplier-defined controls
• Incident management approach: All incidents are logged and tracked through our online helpdesk portal. Any new incidents reported via email/phone/chat will be logged as a new ticket with all relevant information. All updates are provided via email through the helpdesk and phone calls where necessary. Each ticket is handled by the 1st line team and escalated to other teams as required.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Fighting climate change:

  Fighting climate change

  By 2030 Microsoft will be carbon negative, and by 2050 Microsoft will remove from the environment all the carbon the company has emitted either directly or by electrical consumption since it was founded in 1975.
• Tackling economic inequality:

  Tackling economic inequality

  8x8 is a sponsor of the Cristo Rey program which supports low income high school students. Founded in 1996, the program works with 35 schools nationwide, helping them achieve a nearly 100% high school graduation rate. Each student works one day a week plus one Friday per month. Students are assigned to a supervisor who helps manage the student’s work and ensures that the student is trained on assigned projects. The money that the student earns goes towards their college tuition. 8x8 is happy to partner with the program and enable high school students to learn valuable skills and further their education.
• Equal opportunity:

  Equal opportunity

  The gender gap continues to widen in the tech industry and 8x8 is taking initiatives for women in technology with an aim to close the gap. They celebrate International Women’s Day every year and we have a ‘Women @ 8x8’ group which, in support of diversity, welcomes both men and women to host and volunteer as speakers at events.; ; 8x8’s ‘Women in Tech’ program is for women in all roles, not just engineering. The group is designed to promote conversation and talk about the challenges many women face in the workplace. They host a variety of events such as online webinars, workshops and speaker series. Areas of focus include leadership development, work-life integration, building a personal brand and more. Their goal is to provide all women at 8x8 with the tools, knowledge and support needed to flourish in a technical work setting.

Pricing

• Price: £8.50 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public.sector@cw-squared.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.