Temple Interactive Media

Interactive Voice Response IVR

Automated telephone call handling. Our systems are used for Customer Relationship Management (CRM), virtual call centre, credit card payments, voicemail, IVR and information services. Voice interface using telephone keypad or Speech Recognition to connect to databases and APIs. Call centre overflow and routing. VoiceXML support for design and service management.

Features

• Secure Voice interface to access database and web API services
• Telephone keypad (DTMF) and Speech Recognition
• Process 2000 landline and 10000 VOIP simultaneous calls
• Secure web interface to manage Real Time Reporting and payments
• Secure web interface for remote access setup and monitoring
• 24 / 7 365 day support
• UK based in High Security Tier 4 Hosting Centre
• All hardware and servers owned and operated
• Data Driven Dynamic IVR Menus

Benefits

• Low cost access to high inbound capacity voice services
• Remotely manage secure voice services
• Automatically handle 2000 landline calls at the same time
• Easily edit services such as voice messages and menus
• Allow voice only access to database information
• Reduce call centre and line rental costs
• Automatically handle 10,000 VOIP calls at the same time
• Dynamic updating IVR menus to reduce cost based on demand

£0.02 a transaction

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at timhayes@timedia.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

688876405241443

Contact

Tim Hayes
07963212476
timhayes@timedia.co.uk

Service scope

• Service constraints: No
• System requirements: SSH access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We offer two levels of support:-; 1. General service support included at no additional charge; ; Issues that may be disruptive, but do not require immediate response aim to be resolved the next working day. ; ; 2. Telecoms issues, calls / messages not being handled, engaged tones or service failure aim to resolve in 4 hours; ; Live support ; ; Critical issues during a live TV broadcast. Ongoing real-time response and support Ongoing real-time response and support Ongoing real-time response and support. Cost from £500 per hour including network support engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onsite training, online training and user documentation.; ; We provide a development server environments allowing users to develop and test services before deploying to the live production environment.; ; We provide full development of services therefore we can assist with questions and queries as to the design of services. We support the VoiceXML 2.0 services standard allowing users to build their own IVR services.; ; We can also provide voice over artists for message prompts and menus.; ; We offer full testing services from multiple phone networks including VOIP.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users can download their data at any time during the contract.
• End-of-contract process: At the end of the contract the services will be disabled and data will be retained in line with EU GDPR.; ; The are no termination fees or additional charges to store data on our systems in line with EU GDPR and Data Protection rules. ; ; Data will be at all times available to download during the contract and for up to two years following the termination of the contract.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can:-; ; 1. Setup services including chose type of service, voice messages and set time of day options. We support VoiceXML and provide a development server to test services. ; ; 2. Manage services change voice messages and menus through web interface. ; ; 3. Monitor services and payments. Download voice messages and reports.; ; Limitations; ; 1. Phone number allocation will be issued manually on request to support
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: Our systems have been designed to be fully managed using a telephone
• API: No
• Command line interface: Yes
• Command line interface compatibility: Linux or Unix
• Using the command line interface: Users can set up and manage services via command line interface.; ; This includes building, developing, testing and deploying live voice services.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Our platform is used to provide shared high availability services to TV Broadcasters. Our systems regularly operate under high load conditions whilst maintaining secure sand boxing between applications. We have developed policies and procedures to manage high load events. Where users expect a particularly high response we have a Mass Event policy and we work with the networks to minimize any adverse effects. Where required we can maintain dedicated minimum capacity for each service.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • Network
  • Number of active instances
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Services
  • Databases
  • VoiceXML Data
  • Call Data
  • Payment summary
• Backup controls: Backups occur in real time to multiple servers in remote locations.; ; There is no user interaction required.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide 99.9% availability in our SLA based on monthly billing period excluded planned outages; Where we fail to provide the agreed level we offer credits on line rental equivalent to the time when the service failed to meet the availability standard.
• Approach to resilience: Due to security requirements this information available only on request.
• Outage reporting: A public dashboard and email alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
• Access restrictions in management interfaces and support channels: Access to the management systems is defined in our Information Security Policy in accordance with our privileges matrix. Access levels are defined on a need to know basis using role based access control. ; Access is limited according to role. Unrestricted access will only be granted to staff and persons with the prior approval of senior staff in exceptional circumstances. Exceptional circumstances include PCI Audits or Criminal Investigations. No other unrestricted access is permitted or will be granted.; Access will be terminated according to the Information Security Policy on movers and leavers
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • Other
• Other security governance standards: PCI DSS
• Information security policies and processes: We have an information security policy which clearly outlines who is responsible for each action and how incidents can and should be escalated in the organization. All staff members are fully trained and kept up to date with security policies and are award that failure to comply is considered a serious disciplinary offence which may result in immediate dismissal. Our policies include Data Protection, Acceptable Use, Asset Control, Audit, Change Control, Access,Inventory Cryptographic Controls, Incident,Logical Access,Malicious Software, Operational, Password, Penetration Testing, Firewall,Physical Security, Privileges, Risk, Security Management, Security Patch, Software Development, Staff Selection, Systems, User Privilege,Linux Configuration, Security Management, Linux Hardening.; Copies of these documents are available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We have configuration documents for our servers including Linux Hardening and Linux Server Configuration documents. We have Change Management Control Procedures document which outlines how changes are made to our systems. We can provide details of both documents on request. In summary our Change Management requires an impact assessment, prohibits changes that impact security, testing of any change before deployment and back-out procedures.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We have a Malicious Software Vulnerability Management policy document that details the use of anti-virus software and detecting and removing malicious software.; We have remote access logging to record and generate logs.; We use reputable outside sources not just the software vendor including new security alerts internally from rkhunter reports and externally via https://www.uscert.gov/ncas/alerts and http://www.centos.org
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We have a Security Management Matrix that defines the roles and responsibilities of staff in the monitoring of our systems to identify potential compromises. This includes monitoring and analyzing security alerts and distributing information to appropriate information security and business unit management personnel, creating and distributing security incident response and escalation procedures.; When a potential compromise is identified we have an Incident Response Plan that classifies the incident from 1 to 4 and outlines the correct procedure. The speed of response will depend on classification e.g. threat to life will warrant immediate response
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have an incident response plan with pre-defined processes. The incident will be categorized into the highest applicable level of; one of the following categories:; ; 1. Category one - A threat to public safety or life.; 2. Category two - A threat to sensitive data –including Credit Card or Financial Information; 3. Category three - A threat to computer systems; 4. Category four - A disruption of services; ; The person who discovers the incident will call the Temple head office; ; The incident report will be distributed to all affected stakeholders and external agencies (e.g. Police)

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Temple Interactive Media is committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination.; The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best. ; The organisation - in providing goods and/or services and/or facilities - is also committed against unlawful discrimination of customers or the public.

Pricing

• Price: £0.02 a transaction
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at timhayes@timedia.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.