Exchange Communications Installations Ltd

storm CCaaS provided by Exchange Communications

Exchange have entered into a strategic UK partnership with Content Guru, the only UK headquartered provider to feature on the 2023 Gartner Magic Quadrant for CCaaS. storm CCaaS is Europe’s leading cloud communications solution and the only platform in the UK to be trusted to operate 999 calls.

Features

• True Cloud provided in multi-tenanted platform
• Delivered via a monthly license cost model
• Delivered over carrier grade, high-availability and Geo-redundant data centres
• Architected to 99.999% core availability
• 100% browser-based accessible via any major browser
• Mobile working with native Apps for Android, iOS, macOS, Windows
• Seamless Microsoft Teams integration
• Modular and flexible providing value-added service to any size business
• Award winning Gartner recognised CCaaS
• Fully UK based and housed

Benefits

• Easier roll-out, increased control, automatic updates, built-in business continuity
• Modular, scalable, pay-as-you-grow model that provides the ultimate flexibility
• Home/Mobile workers enjoy same call benefits as office-based workers
• Calling from multiple devices, including office/home phone, business/personal mobile, anywhere.
• Easy management, setup and configuration from intuitive UI Admin portal
• Additional users or functionality can be added quickly
• No on-going maintenance charges or software upgrade costs
• Fully Omnichannel - voice, SMS, email, webchat and social
• Social includes Facebook, Instagram, X, WhatsApp, Viber, Line, Trustpilot, Google

£23.00 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@exchangecommunications.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

631258163156814

Contact

David Morse
0141 776 8859
bids@exchangecommunications.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Exchange Communications 1CloudTalk Telephony powered by Avaya
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance is performed to have zero impact. Software upgrades to the platform are scheduled in advance to have zero downtime.
• System requirements:
  • Fully scalable
  • Multiple modular licence options
  • Seamless integration with MS Teams
  • Single pane of glass browser based app
  • Drag and drop automated workflow creation tool
  • Intelligent Automated Contact Distribution
  • Flexible multi-channel routing and queuing
  • Flexible inbound number management and outbound campaign module
  • Always on or on-demand Call recording
  • Real-time and historical reporting

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We acknowledge receipt within 1 working hour and all questions are responded to within 4 working hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Through our current website a user can initiate a web chat, leave a message or request a call back
• Web chat accessibility testing: Current website being upgraded
• Onsite support: Yes, at extra cost
• Support levels: Silver (level 1) - 09:00 to 17:00 Mon-Fri excluding public holidays, Phone/Fax/ email support, Proactive monitoring, Dedicated service desk team, customisable notification, Remote diagnostics, Escalation process Price per Annum 5% of RRP of supported item Silver (level 2) - As per Silver Level 1 except 08:00 to 20:00 Mon-Fri excluding public holidays Price per annum - 7% of RRP of supported item Gold - As per Silver level 2 except 24x7x365 excluding public holidays Price per annum - 10% of RRP of supported item Platinum - 24x7x365 as per Gold including Software release management Price per annum - 12% of RRP of supported item. All clients receive a named service desk contact and primary Avaya expert engineer. Mutually agreed SLA's - 30 mins to 1 day response times, 1 hour to 2 day fix times available
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Selecting Exchange Communications as a preferred telephony/communications systems provider is the start of a long-term partnership. The primary objective of this partnership is to maintain our clients’ systems to their optimal performance level, and to help provide a first-class service to their customers and staff. During the implementation stage a Communications Plan is developed as part of the Project Plan detailing which communications are appropriate, frequency, purpose, owner and target audience. Regular review meetings are also arranged at different stages of the implementation to ensure the project is running smoothly and the client is happy with the progress made. As part of the implementation phase we are able to offer online or on-site training speciifc to the client including full user documentation. Once the service is live, we believe that communication remains vital. Our standard approach for communication and client engagement requires three primary forms of engagement: • Account Management - responsible for the day to day account relationship, providing a consistent and informed point of contact • Solution Management - responsible for product and service design and emerging market technology. • Service Management responsible for all aspects of service performance, reporting and support within the Service Support Centre.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Exchange will assist any new provider to minimise the risks of transition and fully co-operate providing electronic downloads of all parameters pertaining to DDIs, agents, dial plans and call flows. We would continue to provide the normal class of service up until the termination date / time. This includes preserving access to reports and call recordings if required for 30 days beyond the contract end date.
• End-of-contract process: The cost of the data extract service is included within the proposed pricing. The data extract will be run one month before contract termination. Any other services required will incur additional costs that will be quoted in advance for acceptance.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile client offers all telephony functionality
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Storm DTA is an intuitive online agent desktop, that is browser agnostic. DTA allows agents to respond dynamically to voice calls, emails, SMS messages, social media messages & web chats using a single intuitive interface. Caller information pulled from proprietary or third-party systems can be displayed, allowing agents to greet customers personally. For voice calls, an agent script can be displayed on screen to help agents speak to callers in a consistent manner. Users can make & receive voice calls via any device - an IP endpoint, a PSTN device, or the DTA Web iPath (softphone).
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: A range of storm modules now meet the most up-to-date version of Web Content Accessibility Guidelines (WCAG) version 2.2, the highest internationally recognized standard for web content accessibility, including for users with auditory, cognitive, physical and visual impairments or difficulties. ; The new accessibility updates, which are designed to improve productivity and accessibility for contact center workers, especially those with disabilities, meet all WCAG 2.2 requirements to level AA. Products covered include storm DTA. WCAG 2.2 AA compliance features are designed to meet a wide range of accessibility requirements, including keyboard navigation, high contrast ratio, corresponding and distinct color and iconography, support for screen readers, and responsive screen and text behavior without loss of functionality.
• API: Yes
• What users can and can't do using the API: Storm FLOW provides the option of a REST API action cell which can allow for the call script to send a request for data retrieval, modification, or deletion to a RESTful API, & then store any data returned for use elsewhere in your script. Modern APIs can be defined in OPEN API/Swagger specifications. These machine readable documents can be uploaded to storm to automatically provision the data items that these APIs require & surface. The agent’s knowledge management can be set to search the database & bring up articles upon delivery of the interaction to the agent.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Client administrators can configure most telephony functions including extensions, services, devices and announcements via the storm admin service portal available over the web.

Scaling

• Independence of resources: The platform is scalable with sufficient capacity to support surges in traffic volume. Each user's calls use the same bandwidth of 100kbps regardless of the device making or receiving the call.

Analytics

• Service usage metrics: Yes
• Metrics types: Configuration and performance reports will be generated to match the clients requirements.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Content Guru storm CCaaS

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Exchange would initiate any data export required by the user.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The proposed storm platform is embedded within tier 1 carrier networks, with resilient links to the carrier’s MSP/MPLS network for Voice over IP (VoIP) and the PSTN for TDM calls. Typically, the platform is interconnected with multiple carrier networks, for additional resilience at the network layer.; The platform is hosted at a minimum of two secure and physically separate data centres. These exist in an active-active configuration, and are delivered leveraging high speed, low latency cross data centre connectivity. This architecture delivers seamless resilience and load sharing with the infrastructure and services architected to provide 99.999% uptime. ; In addition to data centre failover, redundancy is provided within the individual data centres to provide further resilience. This is at: server, disk, networking and security levels (e.g. dual firewalls, clustered session border controllers and switches). ; If SLA's are not met service credits are enforced.
• Approach to resilience: The platform’s built-in resilience capabilities can be summarised as follows:; • Hardware clustering; • Hardware resilience and automatic failover; • Active-standby and active-active backup server configuration; • Configuration and database mirroring; • Distributed media storage; • Inter-site resilience links; • Automated failover in the event of a data centre failure with no disruption to service; As stated above, the storm services are delivered across diverse components located within geographically dispersed data centres, resulting in a Recovery Point Objective of 0. Full and transactional back-ups are completed on a regular schedule. The platform offers as standard four hour Recovery Time Objective (RTO) to fix P1 service faults. To summarise:; • Hosted in a public cloud, highly secure and multi-tenanted environment; • Logical, secure separation between ‘organisations’ on storm; • No single points of failure in platform architecture; • 99.999% core platform availability; • Recovery Point Objective of 0, Recovery Time Objective of 4 hours for a P1; • No hosting partners
• Outage reporting: We have an automated email alert system to report any outages

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: A directory of all system passwords are held centrally by Exchange and only provided to the specific engineers assigned to the customer’s account. It is Exchange’s corporate policy to never leave storm systems with default passwords. Unique passwords are provided for every customer and every system they have. Passwords are not created in a format that can be easily guessed (ie. they do not contain an abbreviation of the customer’s name). Passwords are changed / updated particularly if a member of engineering staff ceases to be an employee.; Support requests can only be accepted by authorised Client personnel if neccessary.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
• Other security governance standards: Exchange are working towards ISO27002 certification although the storm CCaaS solution is delivered in compliance with ISO 27001 type principals.
• Information security policies and processes: As part of the Data Protection Act 1998 it is the company’s responsibility to identify and specify to all workers undertaking work on behalf of Exchange Communications whether permanent, temporary, agency or sub-contractor staff the appropriate processes and procedures to enable compliance with the Data Protection Act. Ultimate responsibility for this is held by our Managing Director although the IT Security Manager – Ewen Edward-Smith ensures that the policies are adhered to on a day-to-day basis through regular consultation with Line Managers and monitoring of the relevant processes. Staff are encouraged to flag up potential breaches. Breaches are recorded and classified according to their severity with appropriate action ranging from reminding staff of their responsibilities to adhere to policy; amending or improving internal processes to ensure the breach cannot be repeated; and in the most serious circumstances where breach has been deliberate and for personal gain or advantage formal disciplinary procedures will be followed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The storm solution is completely browser-based & allows self-serving through a secure, highly intuitive and user-friendly interface which provides clients with full control & autonomy if required, where administrators can build &/or modify the entire contact centre via industry standard two-factor authentication. Administrators will be able to manage agent, agent groups, queues, skills & rules, number & access point management, as well as full control on reporting, recording & service creation of workflows including: ; • INBOUND number management; • Disaster recovery; • Time of day routing; • Access point groups; • Multiple onward routing; • Call recording
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Storm CCaaS provides a fully robust and secure system to ensure the best possible protection of data:; • Encryption: All data and calls are encrypted and protected against external attackers and eavesdropping. The encryption system utilises the Transport Layer Security Standard (TLS) and the SRTP Standard. ; • Protection against external attackers: The latest protection programmes are used against viruses, intrusions and DDoS attacks as well as call tampering and hijacking. Antivirus Software is applied and up to date; • Secure data centres: Content Guru data centres follow the highest security standards to prevent Voice Call/Toll Fraud.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Storm CCaaS protects from unauthorised access by utilising the following service design; ; The latest protection programmes are used against viruses, intrusions and DDoS attacks as well as call tampering and hijacking. Antivirus Software is applied and up to date. Only firewall ports required for the service to function are open
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: As part of our Quality Management accreditation we have documented processes covering “Maintenance”, “Fault Reporting” and “Escalation”. Our ‘single point of contact’ award winning service desk is available 24/7/365 days and deals with all reported incidents. Incidents can be reported by using Phone, Email or Interactive Website. Upon reporting an incident, details are entered onto our Salesforce CRM. A unique reference number is issued by which subsequent enquiries pertaining to the fault can be tracked. Full reports covering all incidents logged onto our CRM system will be produced and reviewed.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Exchange have a long established Environmental Management System that is annually assessed & accredited to ISO 14001. Our Environmental Policy ensures the company, our staff & all members of our supply chain work in a responsible manner, reducing the impact of our operations on the environment, wherever possible. ; ; As part of this commitment we have implemented a Carbon Reduction Plan with an aim to be a net zero contributor to greenhouse gases (GHG) by 2030. As part of the plan we measure both direct (ie: electricity, gas, travel for business) & indirect (staff commuting) emissions covering our offices & through our interaction with clients. ; Since implementation we have changed our electricity provider & contract to a carbon-free supply so that gas is our only source of office-generated emissions. We have reduced our fleet of vehicles & encourage less customer site visits through better use of technology. We continue to reduce the volume of waste while increasing the percentage being sent for recycling. These initiatives have seen our carbon emissions decline by approximately 28%. ; ; Over the next 7 years we plan to further address greenhouse emissions as follows: ; • Improve planning to reduce mileage for travel – ie: combine journeys ; • Encourage meetings via video conference to reduce need for travel ; • Investigate & introduce carbon offset measures for air travel ; • Replace air travel with other forms of public transport where feasible ; • Encourage staff to find fewer emitting modes of travel for commuting ; • Maintenance of heating & air conditioning systems to maintain efficiency ; ; Our Carbon Reduction Plan is available for customers to view on our website & is annually updated. Our continuing ISO14001 accreditation is key so we hold scheduled reviews including our senior management team to ensure we continue to monitor & improve our environmental performance.

  Covid-19 recovery

  We acknowledge & appreciate that our business activities impact on the communities in which we operate. For all contract customers we commit to delivering social, economic & environmental benefits during the entire contract period. This includes; ; - Creating employment, re-training and other return to work opportunities for those left unemployed by COVID-19, ; - Support people and communities to manage and recover from the impacts of COVID-19. ; - Support organisations and businesses to manage and recover from the impacts of COVID-19. ; - Improve workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions

  Tackling economic inequality

  We want to succeed as a business in alliance with the communities in which we operate so we will provide local economic benefits; ; • Seek opportunities for involvement in the community through educational programmes, charity & voluntary work. We would take part in numerous visits to local educational establishments or provide site visits for students to attend. We will provide career advice including CV writing & skillset requirements for working in telecoms. ; • Consider opportunities for community benefits, such as the recruitment & training of economically inactive & disadvantage people. ; • We will look to employ up local based engineers (FTE/Apprentice) to assist in system support. We already have an active apprenticeship & graduate recruitment scheme & as with similar contracts we are able to allow students from local colleges to shadow our engineers during implementation as part of a work placement or pre-employment course. ; • Support local companies in the form of attending Meet the Buyer events & providing business support for third sector organisations ; • Provide reports on local companies used within our supply chain ; ; As we want to succeed as a business in alliance with all communities in which we operate, we will also; ; • Strive to be a good neighbour. ; • Engage in a constructive dialogue & wherever possible work in partnership with the community. ; • Respect & acknowledge local cultural & religious needs. ; • Promote diversity in our supply chain by support local SME’s & VCSE’s ; • Respond promptly to enquiries from interested parties & provide relevant information regarding our activities. ; • Promptly pay small suppliers within 30 days.

  Equal opportunity

  Our most important resource are our employees so we incorporate a Fair and Equal Pay Policy with the promise to continue to pay well above the UK’s Minimum Wage and real Living Wage. We are committed to eliminating discrimination and encouraging diversity amongst our workforce. Our aim is that our workforce will be truly representative of all sections of society and each employee feels respected and able to give of their best. Our Equality, Diversity and Inclusion Policy provides equality and fairness for all with no discrimination on grounds of gender, marital status, race, ethnic origin, colour, nationality, national origin, disability, sexual orientation, religion or age. We oppose all forms of unlawful and unfair discrimination. Selection for employment, promotion, training or any other benefit will be on the basis of aptitude and ability. We provide our staff with the stability of employment with designated hours of work and do not use exploitative employment practices such as zero-hour contracts. We support flexible and family friendly working with our Flexible Working Policy which offers employees the ability to; ; • Change the amount of hours they work; • Change to the times when they are required to work; • Work from home Our family friendly working covers;; • Maternity leave and pay; • Antenatal appointments; • Paternity leave and pay; • Adoption leave; • Shared parental leave; • Family emergencies; ; The policies mentioned above are all fully supported by senior management and monitored and reviewed annually to ensure our staff retention rate remains high. This has allowed us, as a reputable and ethical employer to achieve the “Investors in People” award for the last 15 years.

  Wellbeing

  We are committed to the principle that our business goals will be best achieved when we consistently act within an ethical framework that enables us to be a good ‘corporate citizen’. Our Ethics & Corporate Social Responsibility Policy defines the basic principles, ethics & values that guide Exchange in its business conduct. We consider it critical that we work in accordance with these values to maintain our reputation & our relationship of trust with our workforce, customers, suppliers & the community. We will conduct our business legally, honourably & ethically & at all times we will ; • Trade & compete fairly never obtaining or maintaining business through illegal conduct. ; • Not tolerate any employee of the company offering, soliciting or receiving any form of bribe or inducement.; • Report financial information in a complete, accurate, honest & timely manner. • Treat our customers, suppliers & stakeholders as we would want to be treated ourselves.; • Influence staff, suppliers, customers and communities to support health and wellbeing, including physical and mental health ; Collaborate with users and communities in the codesign and delivery of the contract to support strong integrated communities. - Influence staff, suppliers, customers and communities through the delivery of the contract to support strong, integrated communities,

Pricing

• Price: £23.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@exchangecommunications.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.