Arrow Business Communications Limited

Arrow - Mitel UC

A secure cloud based telephony service utilising Mitel PBX software and handsets. Customers can add Contact Centre functionality, Compliant call recording, Call Analytics, Remote workers, mobile and soft clients and collaboration tools. The service is managed, monitored around the clock and customers can manage services via an online portal.

Features

• Mitel PBX control software configured live across two data centres
• Cloud based Contact Centre Service routing voice and Multi Media
• FCA Compliant secure and resilient call recording software
• Call analytics reporting service with live wallboard display capability
• Secure web based portal for self service administration
• Application for deployment on Smartphone device
• Support for handset to be deployed at a remote location.
• All standard executive PBX calling features
• Desktop 'MiCollab' client for PC and MAC
• Best of Breed Mitel Handsets

Benefits

• Best in class PBX functionality with excellent business continuity
• Helps allocate correct resources to maintain service levels.
• Monitor call quality, to improve levels of customer service.
• Provides visibility of call response times to aid customer service.
• Changes can be made without external resource or cost.
• Receive calls on mobile and landline device simultaneously.
• Allows home workers to communicate more effectively.
• Immediate notification and retrieval of voicemail when away from office.
• Use collaboration tools for effective home-working
• Control call routing and view call history from your desktop.

£6.50 a user a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@aro.tech. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

645837861079787

Contact

John Loftus
07545 929225
gcloud@aro.tech

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: A suitable private or public internet connection is required. Alternatively Arrow can provide dedicated voice connectivity.
• System requirements:
  • The self service admin portal is web-browser based.
  • Administrator rights required to install client software

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard response time is four working hours Monday-Friday 8-6pm. We can supply bespoke SLA agreements.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: There is a web-chat icon on each page of the support section in our web-site. Tawk.to supports WCAG 2.0 guidelines
• Web chat accessibility testing: None Completed to Date
• Onsite support: Yes, at extra cost
• Support levels: Arrow provides a core level of support which in included with the contract. Additional bespoke support levels are available upon request at an additional monthly service fee. Any incident (an unplanned interruption to a service) can be logged by the customer with Arrow’s Service Desk. Arrow will respond to and resolve remotely any incident or issue that is impacting the customer’s supported scope using our cloud support engineers. A service change (something which represents a minor change to the supported scope where there is a risk of impact on the service) may be subject to additional charges depending on the scope of the change and will also be managed by our cloud support engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: An Account Manager and pre-sales consultant will work with you to identify the correct service specification and configuration. If required we will attend site to conduct site surveys, demonstrations and audits. Once our proposal is accepted and our Cloud video service contract signed, we add the project to our internal task system. Each new customer project is allocated a Prince 2 qualified Project Manager (PM) who assumes overall responsibility for the successful delivery of the project. The PM will communicate with the customer by phone, e-mail, video or in person. A Project Initiation Document is issued once we have gathered all required information, this document defines the project. All user information is gathered and amended if required. A meeting to discuss all aspects of the service configuration. The service configuration agreement written up and issued. The PM will liaise with the Cloud IP Engineering team to manage the necessary resources. The assigned Cloud IP Engineer will configure the service and attend site to carry out the deployment. Where the customer specifies on-site training, a trainer will attend site to provide the necessary instruction. Arrow also provide a library of pre-recorded training videos covering the Cloud Video conferencing service.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The customer via the relevant service portals can extract all historical call detail and call recording information held
• End-of-contract process: Once the service fully terminates, Arrow technical staff will de-commission the customers service ensuring all data base information and call recording and analytics data permanently deleted. Additional costs would be incurred should the customer wish for the Arrow Engineering team to export all data (recordings etc.)

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our MiCollab application works on PC and Mac desktop and will also work on a mobile devices (iOS and Android) via the MiCollab app.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The management portal is accessed via a web browser over the internet.
• Accessibility standards: None or don’t know
• Description of accessibility: N/A
• Accessibility testing: None Completed to Date
• API: Yes
• What users can and can't do using the API: APIs only refer to additional features such as CRM integration where we will work with the customer's particular integration requirements. This will differ from customer to customer.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customer's have the ability to design and build Telephony, UC, IVR and CCaaS features. Providing a tailored service to meet or exceed customer expectations. Arrow technical specialists will guide the customer through their onboarding journey.

Scaling

• Independence of resources: Each customer has their own high availability pair of virtual PBX's across geo-resilient data centres. The underlying network is configured and monitored to ensure that each customer's service has the recommended resources published in our vendor's specification documentation. As more customer's are added to the platform, underlying network resources are scaled to suit demand.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide metrics on inbound and outbound calls made from each extension via our web-based call analytics portal.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Mitel, Redbox, Tollring

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Via a secure web-portal. Portal address to be provided by engineering upon commencement of the service.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Xls
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Private WAN Service; Media and signalling path encryption is supported for all of Mitel's IP phones.; Media path encryption is accomplished with Secure RTP using 128-bit Advanced; Encryption Standard (AES)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: The Cloud service operates from secure UK data centre locations and the; ; equipment is only accessible by cleared Arrow technical personnel. All customer; ; data resides within the Arrow managed racks and no data is transferred either; ; outside of this environment or overseas. We operate a robust data protection policy and retain customer data for; ; the minimum amount of time necessary to deliver the service.

Availability and resilience

• Guaranteed availability: The Mitel UC service architecture is such that we can offer high availability of service to all customers. We offer a 99.99% uptime SLA
• Approach to resilience: The service is operated from two data centres with a customer specific PBX being deployed in each. All handsets have the ability to connect to PBX call control at both data centres. All connectivity to the PSTN and Public internet is offered from both data centres for resiliency.
• Outage reporting: We have a process to communicate with customers in the event of a major service outage and provide a Reason for Outage report. This is based through emails from the support team. Once an outage is noted then regular hourly emails are sent detailing progress to resolution.; We operate a real time network monitoring tool that allows us to see in real - time any issues on our network.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: We offer various levels of access in to the call analytics, call recording and contact centre tools based on role and permissions for customers. Core network access is only granted to Arrow's dedicated engineering team. Within the engineering team there are various levels of access dependant on engineer accreditation and job role.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials QGCE 2305

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: NHS Information governance toolkit level 2; Cyber Essentials. Registration number QGCE2305.
• Information security policies and processes: The Chief Executive Officer, along with the board, in partnership with the Head of IT is responsible for the approval of all of the IT policies and ensuring that they are discharged to the relevant managers. Arrow's Information Security Policy outlines our approach to information security as well as being a method to establish a set of tools to outline the responsibilities necessary to safeguard the security of the Company’s information systems with supporting policies, codes of practice, procedures and guidelines. The policy applies to all employees - current and new - of the Company as well as all other authorised users. The policy relates to the use of all Company-owned information system assets, to all privately owned systems when connected directly or indirectly to the Company’s network and to all Company-owned and or licensed software/data. Authorised members of the IT Department will from time to time monitor the information systems under their control to ensure compliance. This is supported by training during the Induction process for new employees and updates to existing staff as appropriate.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our Mitel UC services are deeply integrated into GTT’s (https://www.gtt.net/gb-en/) network. GTT has maintained ISO 27001 accredited Enterprise Security Management System for their Operations Centres and Data Centres since September 2005.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our Mitel UC services are actively managed by network monitoring tools 24/7/365 and provide alerts to any vulnerabilities within the Core services. All of our services are patched to each vendors latest supported version, and any new vulnerabilities are addresses and communicated to Arrow to take immediate action and new patches provided and applied. Our data centres are suitably firewalled and run industry leading anti-virus.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Arrow's Data Protection Policy details the extensive controls, measures and methods used to protect personal data, uphold the rights of data subjects, mitigate risks, minimise breaches and comply with the data protection laws and associated laws and codes of conduct. We also carry out regular audits and compliance monitoring processes, to ensure that the measures and controls in place are adequate, effective and compliant at all times. All data breaches are reported immediately to the direct line manager and the reporting officer. Measures must be taken immediately to contain the breach and to stop any further risks or breaches.
• Incident management type: Supplier-defined controls
• Incident management approach: Arrow’s Data Breach Policy states that all staff must report a data breach immediately to the direct line manager. ; ; The Supervisory Authority is to be notified within 72 hours of any breach where it is likely to result in a risk to the rights and freedoms of individuals. ; ; A full investigation is conducted and recorded on the incident form, the outcome of which is communicated to all staff involved in the breach, in addition to upper management. A copy of the completed incident form is filed for audit and record purposes.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Joint Academic Network (JANET)

Social Value

• Wellbeing:

  Wellbeing

  To help us drive wellbeing and engagement throughout Arrow, we have dedicated Wellness Champions at each of our key sites – these are voluntary roles and act as a central point of contact for advice and guidance around the mental health and wellbeing of our people. They also help to drive the promotion and organisation of various corporate social responsibility initiatives across Arrow further driving engagement. A dedicated Teams channel is used to communicate, share, and promote these activities. Each Champion has completed Mental Health First Aider training so that they are equipped with the necessary skills to fulfil this role. These courses run through MHFA England have also been attended by other members of the wider team. The engagement of our people is paramount at Arrow, and we track this closely, currently sitting at 89% this places us in the upper quartile of all benchmarked organisations. In addition to our 2 main annual surveys, we also track the wellbeing and resilience of our people as well as our eNPS score monthly to ensure we keep a close temperature check on how they are feeling. Our current eNPS score is 52% which places us in the top 25% of organisations in our industry.

Pricing

• Price: £6.50 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@aro.tech. Tell them what format you need. It will help if you say what assistive technology you use.