Intelligent Cloud Telephony Inbound Service

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Resilient OPTO4UC,OPTO4Teams & OPTO4Contact telephony and UC services
Hosted Session Border Controllers
SCB SMS, Secure SIP Trunking, Email and Voice API solution
Cloud deployment model: Public cloud

Private cloud

Hybrid cloud
Service constraints: Numbers provisioned on the Inbound service can terminate to an International number or an 08 number not on the SCB network (at our discretion).

It is not possible to terminate an inbound number to another inbound number.

It is not possible to terminate video conference calls
System requirements: User must have internet connectivity

May need to port over exsisting numbers

SIP enabled existing phones or softphones

User support

Email or online ticketing support: Email or online ticketing
Support response times: The Account Management & Service Desk team is available from Monday to Friday 08:00 until 18:00, with on call cover outside of these hours. SCB' experienced UK-based Technical Support team has a target time for initial response of 30 minutes, for Critical and High priority issues; and one hour, for Medium and Low priority issues Customers that are on the 24x7 customer list will receive support outside of core business hours. We aim to resolve queries at first point of contact and will be responded to in line with the SLAs in the Customer Support Plan.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: Our support levels are fully comprehensive providing a full SLA and escalation matrix upon contractual signing. Our services provide a tiered system to provide this, standard service request and non standard request. Each is monitored and managed via KPI to ensure our SLA are achieved to provide 99.99% service.

The following service levels apply with target resolution times:

Critical Fault - Loss of service. Multiple services affected - 4 Clock Hours,
High - Loss of service - single service - 8 Clock Hours,
Medium - Disrupted service - 3 Working Days,
Low - Single number destinations or Quality of Service - 7 working days.

We provide Service Desk and Account Management Teams. Support engineers answer the phones at SCB's Service Desk and perform first stage fault analysis. If they are unable to resolve the incident will be escalated to Tier 2 and Tier 3 engineers.

Inclusive 24x7 support is provided for customers with monthly expenditure of £5,000 or more.
A Technical Account Manager is made available as standard.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: The service has been designed to be intuitive and easy to use. We supply a customer support manual for all contact points and escalations. We provide comprehensive admin and user training for the web portal and the service.

Once the service has been implemented we provide full training ranging from onsite training, online training and also user documentation. This training can be ongoing as required by the user. Also if there any new updates or features or benefits that arise during the contracted time full training will be given. A named Major Account Manager will also be assigned to your account to support you. The on site training is usually provided by the installers of the system.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: Our secure customer portal is an online space giving customers complete visibility of the assets that we manage for them. Here, we offer a complete view of their estate, including telephone numbers (CLIs), the product related to that number and its geographical location. All invoices are in one place and kept for 12 months for historical billing information on the services you have taken. This information can be easily downloaded for extraction into excel only by an authorised personnel. Call recordings and CDRs are available for the customer to download until the service termination is complete and access is no longer available. Clients data is handled in line with GDPR compliance. When the contract end, users will be able to extract their data. All customer data is destroyed upon account termination and all internal confidential material is shredded or put in locked shredding boxes when they are no longer needed or if the applicable defined retention period has expired. If a customer requires data to be made available beyond the end of the contract, additional fees will apply.
End-of-contract process: At the end of the contract the customer moves onto a rolling 30 day contract on our standard rates. Through our online billing and reporting portal, customer can get their asset list, including numbers that can be ported away and details of the services they currently take with us. This will be provided at no additional cost. It is up to the new provider to port the numbers away. All services are included within the contract with exception of any hardware that has been leased that the client will have to pay for in full if they wish to keep it.SCB will work closely with the client to ensure that any hand over to a new supplier goes as smoothly as possible.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: Yes
Compatible operating systems: Android

IOS

MacOS

Windows
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Mobile service only works on IOS and Android
Service interface: No
User support accessibility: WCAG 2.1 AA or EN 301 549
API: Yes
What users can and can't do using the API: Protocol SCB Global's API works by sending and receiving either POST or GET requests via HTTP protocol. Authentication For authentication purposes an unique API key is used. SCB's OPTO4Contact has a common language (RESTful) and open API policy, where users proficient in URL-based HTTP APIs can interoperate across all our pre-written APIs. These enable multiple functions, for integration, for example data workflows, UI enhancements and UI automation. Depending on the proficiency of the user, multiple APIs can be used to widen functionality. The APIs can be set up via the SCB portal, with an intuitive GUI interface which allows customers to self-manage the setup and change of integrations using our APIs.
API documentation: Yes
API documentation formats: Open API (also known as Swagger)

PDF
API sandbox or test environment: No
Customisation available: Yes
Description of customisation: The service offers a range of clever features and an emphasis on control and administration through the web. For administrators, you can quickly configure the system and inbound call routing according to your organisation’s changing requirements, whilst individual users can manage their calls easily and effectively. Users can implement a wide range of features via the web portal, either at a company, site, or User level giving full and easy control of all inbouund calls, even over multiple sites all over the world and on different devices

Scaling

Independence of resources: Each inbound customer's resource requirements are taken into account and sufficient network is allocated to each customer. The network is also managed during very busy periods to ensure that traffic is spread out

SCB carry out regular checks to monitor resource requirements and to forecast usage, so that we scale resource dynamically, depending on requirements. Additionally there is weekly planning review on capacity management adjustments.

Analytics

Service usage metrics: Yes
Metrics types: SCB Global's Inbound number service provides a range of online inbound call reporting on a per number basis. Full summary reports are provided; how many calls are getting through, where are my customers located, what are my call trends, when are my busy times. The inbound number platform also provides real time reporting .SCB will support users in using the usage matrics to help make business decisions . Full training will be given so that the user can get the most out of the service matrics that are available .
Reporting types: Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: In-house
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: In-house destruction process

Data importing and exporting

Data export approach: SCB Global makes it easy for users to export their data via their secure online portal: An Administrator can export for all their phone users, through the administrator portal – call recordings in audio file format; CDRs, in CSV format; and a list of the extensions involved in the solution – in CSV format. Individual users can view and individually download any of their individual call recordings – subject to permission being given by the Administrator. In Analytics, permitted users can generate reports of call activity, and export or email them in CSV format, for further analysis.
Data export formats: CSV
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: Inbound number service availability is calculated as: Total number of minutes in the measurement period – Unplanned Downtime x 100 / Total number of minutes in the measurement period

Note: If a Service is partially available then the Unplanned Downtime shall be calculated in equal proportion i.e. if a service is 50% available then the unplanned downtime will be calculated as 50% x elapsed period of the incident.
Availability Measurement Period:1 Calendar month
Target availability for Number Manager Endpoint : Core service: 99.99% & Non-Core Services: 99.50%

Not included: - Outages which are deemed by us to be the result of matters outside of its direct control - Planned or emergency maintenance works - User error Notes: (1) Core functions are defined as SCB's Switching infrastructure, transmission equipment and core network, the service that supports call routing and termination. (2) Non-Core functions include SCB's Support Systems, access to any relevant portals and feature based services such as Call Plans, Call diverts, Auto Attendant, Call Recording, and Unified Messaging
(3) A Resilient build SIP Trunking means a SCB approved
configuration such as dual Session Border Controllers offering geographic diversity.
Approach to resilience: SCB Global Inbound platform is a multi-tenant, multi-site network infrastructure that delivers the entire telephony and application environment as a service. Located across multiple state of the art data centres in the UK, customers benefit from never being hosted on a single site. Every customer consumes service from at least two datacentres simultaneously. The Inbound Platfform architecture has multiple levels of inter & intra redundancy built into it. It’s designed to run in an active/active mode and seamlessly switches to the available data centre in the event of any failure. Service failover is tested regularly during system maintenance windows. We achieve the highest levels of resilience by operating:
• A True Cloud network service with all customers active on at least 2 POPs simultaneously;
• POPs replicated at speeds of 0.1 seconds – data on any one POP is replicated almost instantly to all other POPs;
• All POPs operate to a 5 x 9 service level;
• All POPs monitored 24 hours a day, 365 days a year.
Outage reporting: SCB Global network operations centre (NOC) operates 24/7/365 to ensure optimal system configuration and service availability. The engineers continuously monitor countless systems, metrics, and alarms. Service Outage reports are notified via:
-Email alerts
-Portal alerts
-Text messages to opted in customer mobile numbers
-Service desk verbal communication -Public Dashboard

Identity and authentication

User authentication needed: Yes
User authentication: Username or password
Access restrictions in management interfaces and support channels: Customer administrators can set permissions for other users to give them access to certain areas of the portal. They are able to restrict access to certain areas of the management and support interfaces. SCB has complex password requirement to restrict access to its service - upon entering wrong details, user's account will be locked.
Access restriction testing frequency: At least every 6 months
Management access authentication: Identity federation with existing provider (for example Google Apps)

Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: Between 6 months and 12 months
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: Between 6 months and 12 months
How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: Quality’s Veritas - CDL group
ISO/IEC 27001 accreditation date: 24/11/2023
What the ISO/IEC 27001 doesn’t cover: N/A
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: Numerous policies and processes including but not limited to the following: Information Security Policy Information Security Incident Policy Acceptable use policy Access Control Procedure Backup Plan Business Continuity Plan Confidential Data Policy Data Protection Policy As part of this, the Quality Manager ensures company-wide full awareness for information security – via annual campaigns, and induction training for new starters. This ensure that all staff know about these principles, and what everyone needs to do to ensure continued compliance. Furthermore, we are Cyber Essential & ISO27001 accredited to ensure information is thoroughly secure.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: SCB network and application perimeter is protected with firewalls and session border controllers. Administrative access requires authenticating through a production VPN gateway, then authenticating to local infrastructure systems. Technology layers include intrusion detection systems, system logs, and fraud analytics. Our Change Control Process covers changes made to the operational systems, to mitigate the risks and impacts that any change has and ensures good communication at all stages. Our Configuration Items (CIs) include hardware, software, people and formal documentation and the relevant information is managed throughout the lifecycle. The processes for doing this are clearly documented, for example Change Control processes.
Vulnerability management type: Undisclosed
Vulnerability management approach: A weekly internal review of all incidents is held to include all product groups. Whereby common factors and behaviours are identified, which may be causing incidents, analysis is conducted on the information provided, and where possible, the incidents are replicated internally on our test environment. Media capture traces are run to identify the problem, of which the results are then passed to product experts and support who are engaged to identify the problem and proceed with a plan to resolve and deploy a fix. We get information from vendor sources, industry RSS feeds & internet.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: We would identify the potential compromise from our reports where we will see something unusual such as a spike in calls or unusual destinations being called. We will shut down and contact the user to clarify what the unusual activity is to prevent a further compromise. When we find a potential compromise, we respond through our thorough processes, for which we have regular training and drills. Our 24x7 Network Operations Centre (NOC) are trained to evaluate the data from our various tools, and they go through the steps listed in our incident response policies and procedures
Incident management type: Supplier-defined controls
Incident management approach: SCB Global have an Incident Management process which has numerous pre-defined sub groups of staff designated for particular products or scenarios. It can be initiated by any member of staff and is managed by our Network Operations Centre (NOC). Any incident is reported by the customer to the Service Desk, it is recorded in a customer relationship management tool (CRM) and an Incident report is produced after root cause analysis has taken place. Any Incident reports are made available to end users via pdf.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: Yes
Connected networks: Public Services Network (PSN)

Joint Academic Network (JANET)

Social Value

Equal opportunity

SCB Global is committed to deliverying social value by promoting equal opportunity in the workplace and beyond. SCB Global champions equal opportunity in all aspects of business operations and firmly believes that fostering diversity and inclusion is not only the right thing to do but also is crucial for sustainability and success in a rapidly changing global landscape . From recruitment and hiring practices to employee development and community engagement SCB Global strives to create an inclusive and diverse enviroment that SCB Global are very proud of . This all starts from the recruitment and hiring process where SCB actively seeks out a diverse range of candidates from different backgrounds , experiences and perspectives . Once onboard SCB invests in our employees development and growth fostering a culture of continous learning and career advancement . SCB also ensures that any suppliers align with the same social values and activley promotes supplier diversity. SCB also encourage in voleentering initiatives encouraging employees to contibute thier time and skills to the betterment of society. This helps to strengthen the team and drive innovation with a positive impact on society aswell. SCB Global will be only to happy to provide more examples examples and to go through our social values policies and look forward to working with companies that share the same values and to work together to make an impact

Pricing

Price: £5.00 a licence a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: We can provide a free trial of the inbound services with a test number for 4 weeks. Customer pays for any forwarded calls during the trial period.

Intelligent Cloud Telephony Inbound Service

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Intelligent Cloud Telephony Inbound Service

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents