Windsor Telecom Limited

Cloud Telephony, Contact Centre & Unified Communications

Windsor Cloud Telephony is a complete, secure solution. Feature-rich and device agnostic. It is easy to administer and manage your telephony, features and assets with an intuitive cloud control panel. Track performance with our call stats package. Move away from dated and expensive phone systems to an agile scalable environment.

Features

• Memorable Telephone Numbers: 030 and 033 ranges, porting existing numbers
• Inbound call management: contact centre tools, routing plans, statistics, DR
• Hosted PBX; Fully-featured, reporting, wall boards, disaster recovery.
• Call Recording: retention periods, access online via portal, download, audit
• M365 Teams Integration; UC application, integrated with cloud telephony
• CRM Integration: click to dial, out-of-the-box or bespoke integrations
• Wall boards & Analytics; standard and bespoke management reporting applications
• Guaranteed Connectivity options; assured end-to-end QoS over Windsor connectivity

Benefits

• Easy and enjoyable: focus on end-user adoption and customer success
• Work anywhere: cloud service runs on multiple devices over internet
• Simple to manage: optimise admin control and visibility
• Cost effective: simple per user cost model
• Full support: 247, 365 day support by our UK-based team
• Account Management: Dedicated Account manager allocated as point of contact
• Improves efficiency: save travel time and costs through online meetings
• Remove capital expenditure: No up-front costs, a transparent monthly pricing-model
• Disaster Recovery with calling plans easily invoked

£1.00 to £1,000,000.00 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.grime@windsor-telecom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

582262186480223

Contact

Nick Grime
03331234007
nick.grime@windsor-telecom.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: "All Priority-1 tickets are responded to within 5 mins 24x7 and priority-2 tickets are subject to a one-hour review time. Other Tickets are also responded to with 1-hour, however during normal working times only. ; ; There is a helpdesk that can be called directly with a team of engineers available to respond to your enquiry and out of hours you are requested contact this team via telephone. During hours tickets can be raised by telephone, email or via the portal or live chat.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Our webchat technology partner is Zendesk, who are a well-known global company. They have undertaken extensive testing with assistive users, allowing us to offer the most efficient and seamless user experience possible. ; ; However, this is only as good as our internal support processes, which are regularly tested with a feedback loop from our ongoing customer satisfaction programme.
• Onsite support: Yes, at extra cost
• Support levels: All clients are allocated a dedicated customer success manager who can be accessed directly during working hours via phone, email or online chat, as well as a dedicated emergency helpline that can be called 24 hours a day, 365 days a year. A clear escalation path, with appropriate contract details, is also provided, up to board level that can be accessed should the customer ever wish to.; ; A full range of remote and on-site support is available in line with SFIA definitions and rate card enabling us to provide a full support suite appropriate to our clients' needs. A comprehensive set of training materials are available, covering the full life cycle of the service, with versions aimed at both administrators and end users. Materials variously take the form of brochures, fact sheets, user-guides, and videos.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On-boarding your organisation; this welcomes you as a new customer to Windsor and sets up the relationship. We ensure clear expectations are set with project owners to make sure all contracts and service level agreements are in place, a contact plan and is established and that you are clear on how to reach us should you ever need help and support. We will also set up and train administrators on our portals and that billing, payment and service reporting processes are all set up.; ; Implementing your solutions; we will agree an implementation plan and set out our regular KCI (keeping customer informed) cadence. All solutions will be overseen by a member of our account and customer success team and depending on the scale and complexity either a provisioning coordinator or suitably qualified project manager working to our in-house methodology to ensure delivery to time, budget and quality. As well as establishing our own services and work with our technology partners (such as carriers for the delivery of new infrastructure, or vendors for any required hardware), but with your consent can support managing your legacy suppliers during any porting or migration process.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data, including Consumer Generated Data, is securely held, and destroyed in accordance with our GDPR policy which is available on our website.; ; Any hardware disposals are made in accordance with current guidelines, with the equipment being wiped and then disposed of in accordance with WEEE regulations. If a customer wishes to extract their data they may speak directly with their Customer Success Manager or email into operations@windsor-telecom.co.uk
• End-of-contract process: Should you need to leave us, please follow our off-boarding process. All our agreements can be terminated on 30-days’ notice, providing any minimum term has expired.; ; Please provide notice of termination in writing, which can be submitted electronically. If you have been loaned any CPE (Customer Premise Equipment) we will contact you to arrange collection, or you may be given the option to purchase at market value. Any outstanding invoices should be settled upon account closure. Should reasonable migration assistance away be required, this will be provided subject to the SFIA rate card.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: As we have developed our portals, we have ensured that functionality & UX are optimised for desktop, tablet and mobile form factors. There is no loss in functionality between these devices.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The majority of clients consume our service via our online portal, however a documented API is also available. The majority of clients who consume services via our API either use it for reporting purposes or have a bespoke requirement. There are no limitations on the use of our API, save for compliance with our testing and security policies.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: As our platform is API based and developed using open source technology, users are able to customise all aspects of the service. This can be achieved either through their own integrations or via an agreed scope of works and created by our team of in house developers. Customisation may typically involve both bespoke product setup and / or data reporting.

Scaling

• Independence of resources: Compute, storage and connectivity requirements are constantly monitored with significant headroom being maintained. We collaborate with a variety of providers allowing us to guarantee no degradation of service caused by demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Service and user level information including utilisation and availability reporting. Analytics are available, often in real time, either via our portal or we can assist with bespoke levels of reporting, or API access to the statistics to feed into your command or operations centre.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft, BT, Draytek, KCOM, Simwood, Yealink, TalkTalk Business

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This can be applied for via customer services in line with our Privacy & GDPR policies.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: We are committed to proving a consistently excellent service, with a 100% target availability for all core systems and platforms. ; In the event of service interruption, incidents will be assigned the following Priorities:; • Priority 1 (Major Incident): Total loss of service to a core system, or a fault causing serious business interruption to one or more customers. Escalated to COO immediately.; • Priority 2 (Critical Incident): Degradation of a core system, or a fault materially business impacting to one or more customers. Escalated to COO after 2 hours.; • Priority 3 (Important Incident): Impact to non-essential systems or partial loss of resilience, a fault affecting one or more customers, but with limited business impact. Escalated to COO after 4 hours.; • Priority 4 (Minor Incident): Limited impact to non-essential systems, a fault affecting one or more customers, but with little or no business impact. Escalated to COO after 8 hours. Where offered, Service Credits will be based on exceeding the Maximum Time To Restore (MTTR) for the applicable service elements, as specified within the Product Terms and Customer Order
• Approach to resilience: All core services are designed to a minimum of an N+1 standard, with sufficient compute and storage head room. Critical platforms are deployed across three availability zones, with near real time replication and the ability to maintain services in the event of losing two out of the three geographically diverse zones. ; ; Additionally the control and management layer (BSS&OSS) is hosted separately from the core platform ensuring management can be maintained at all times.
• Outage reporting: Service Status Page, Email and Text as applicable. API integration is also available on request but not a standard procedure. In case of a major outage we make every endeavour to reach out personally via your customer success manager.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Windsor use Role-based access control, applying the principle of least privilege.; o Accounts are specifically related to the relevant systems and where applicable SSO is used to maintain positive level of user experience.; o Where any accounts have system-wide privileges these are subject to additional approval and audit measures that apply equally in all circumstances, with no dual roles.; o Customers may have one or more administrator role, for example read/write/delete access or form management reporting within their own specific part of the org.
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: We offer a three core levels of permissions-based access:; • Account Authority: This level can enter commitments on behalf of the customers, approve moves, adds, and changes, including adding other Authorities.; • Account Administrator: This level will be able to add and remove users and features, including changing other users’ settings at an individual/departmental level.; • End User: This level will have access to only to services specifically assigned for their use and the ability to utilise functions used in their day to day working.; We utilise encrypted passwords and offer single sign on with ability to offer two-factor authorisation.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Actively working towards ISO/IEC 27001 certification to augment internal policies and procedures in place
• Information security policies and processes: Actively working towards ISO/IEC 27001 certification to augment internal policies and procedures in place. The COO reports on security governance to the board on a monthly basis.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: • Any impact assessment shall include the potential effect on other information resources and potential cost implications. The impact assessment should, where applicable consider compliance with legislative requirements and standards. ; • All change requests shall be prioritised in terms of benefits, urgency, effort required and potential impact on operations.; • Changes shall be tested in an isolated, controlled, and representative environment (where such an environment is feasible) prior to implementation to minimize the effect on the relevant business process, to assess its impact on operations and security and to verify that only intended and approved changes were made.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Host and network controls are employed to protect the systems third party hosting of applications and information for the end customer. Where applicable, certification against external standards is typically to ISO 27001 or better.; Patch management forms a key part of our in-life process, with the policy of applying all vendor patches as soon as reasonably possible following their release.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: • Windsor Telecom Limited will run internal and external network vulnerability scans at least quarterly and after any significant change in the network (such as new system component installations, changes in network topology, firewall rule modifications, product upgrades).; • Quarterly internal vulnerability scans must be performed by Windsor Telecom Limited by internal staff or a 3rd party vendor and the scan process must include that rescans will be done until passing results are obtained, or all High vulnerabilities as defined in PCI DSS Requirement 6.2 are resolved.
• Incident management type: Supplier-defined controls
• Incident management approach: Suspected incidents may be reported via telephone, email or our online portal. We have a defined process for incident management with a clear path of escalation. Incident reports are provided via our online portal and also by email to the buyer, where appropriate.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Wellbeing:

  Wellbeing

  We will ensure all suppliers, customers and contractors support the wellbeing of their staff through clearly defined health and wellbeing policies. ; We will partner with a third party wellbeing provider to put in place a structured and funded wellbeing plan that provides support for people working on the contract.

Pricing

• Price: £1.00 to £1,000,000.00 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full feature trial / proof of concept where agreed.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.grime@windsor-telecom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.