IOMART MANAGED SERVICES LIMITED

Microsoft Teams Telephony

Direct Routing from iomart adds voice telephony call plans to the standard MS Teams offering, retaining Microsoft Teams as the primary user interface and replacing Microsoft Calling Plans. This solution offers legacy PBX, Telephony system and contact centre integration. Options include call recording, headsets and handsets and call analytics.

Features

• Direct routing voice calls natively from Teams interface
• Cost-effective alternative to Microsoft Calling Plans with call bundles.
• Integration with your legacy, telephony and communication platforms
• Network level cloud call control for inbound call management
• Advanced billing and management information
• Built-in Resilience and DR options
• Utilise existing DDI phone numbers or provision new telephone numbers
• Microsoft approved Teams compatible devices can be provided.
• eal-time document editing, screen sharing, whiteboarding, and task management
• Ability to tailor settings, layouts, and features for each team

Benefits

• Cost-Effective per user per month options inclusive of calling packages.
• Unified Communications for all users regardless of device or location
• Switch from ISDN and WLR to prepare for PSTN shutdown
• Maintain service continuity by retaining existing telephone numbers
• Enhance business continuity with disaster recovery options
• Enhanced decision making through analytics and reporting
• Seamless transition plan with integrations to existing PBX
• Minimized risk working with iomart, a tier 1 Microsoft partner

£2.75 to £14 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@iomart.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

721360864838565

Contact

Seema Griffiths
0800 040 7228
tenders@iomart.com

Service scope

• Service constraints: Devices must be connected to the internet
• System requirements:
  • Microsoft Teams License with Phone System Enabled
  • Anti-virus
  • Firewall
  • Operational Office 365 tenancy (iomart can provide)
  • Requires an internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our Service Desk provides 24/7/365 support, including weekends and holidays. Tickets are triaged within 15 minutes and addressed based on priority, in strict adherence to our SLAs, ensuring prompt and reliable resolution.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Iomart offers a tailored support structure with various levels and pricing models to match your specific business needs, ranging from unmanaged/self-managed to fully managed solutions.; ; For unmanaged or self-managed services, we provide basic support at no additional charge. On the other hand, our fully managed services are competitively priced on a solution-specific basis. For instance, OS management is available from £75/month per host, and for consumption-based environments like Azure, we offer pricing models based on a percentage of consumption.; ; Our comprehensive management package encompasses all aspects of service configuration and managed changes, enhanced by proactive monitoring and alerting systems. This approach is designed to identify and mitigate potential issues proactively, minimizing their impact on your services whenever possible.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A self-service portal demonstration with documentation and then on-going support. Sign posting to Microsoft Teams training section within Microsoft learning site.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Managed as part of the off-boarding process. Guidance will be provided.
• End-of-contract process: License to access direct routing with Microsoft Teams integration. At the end of the contract, the service can be cancelled giving the appropriate notice period or renewed should continuation be required.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can perform adds, removes and changes to their environment such as assigning numbers, starters and leavers, increasing the number of direct routing channels and also decreasing them when required.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: Keyboard Navigation: Allowing users to navigate through the interface using keyboard shortcuts instead of relying solely on mouse input.; Screen Reader Compatibility: Ensuring that screen readers can interpret and convey the content of the web interface to users with visual impairments.; Contrast and Colour Accessibility: Providing sufficient colour contrast and alternative text for images to make content accessible to users with colour vision deficiencies.; Adjustable Text Size: Allowing users to resize text within the interface to accommodate varying levels of vision impairment.; Consistent Structure and Navigation: Maintaining a clear and consistent layout with predictable navigation for ease of use
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Iomart controls the infrastructure layer of the hosted telephony platform which will alert our supplier to resource levels. Our supplier can add resources on demand themselves to satisfy demand.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Call Volumes
  • Per Agent views
  • Call Quality
  • Usage Patterns
  • Trend Analysis
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Tinkle Telecom

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Configurations
  • Call recordings where enabled
  • Call Analytics and reporting
• Backup controls: Configuration options defined pre-sales and can be amended as part of a change control process on request
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Technical controls are employed to protect data in transit within iomart's network. These include restriction of traffic via firewall configuration rules and appropriate segregation of data.

Availability and resilience

• Guaranteed availability: 99.5% Platform Availability. Support available for call quality and availability issues. Upon contract award, detailed SLAs will be provided for your specific service.
• Approach to resilience: All iomart UK datacentres maintain appropriate resilience and redundancy, including diverse power and connectivity with at least N+1 power redundancy via UPS and generators. All sites feature appropriate fire detection and suppression equipment with regular maintenance and testing of M&E facilities and operational controls carried out in line with iomart's business continuity management system which is accredited to ISO 22301: 2019. Additionally, iomart's network infrastructure is replicated across multiple sites.
• Outage reporting: Service interruption notifications by email.

Identity and authentication

• User authentication:
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to all service interfaces (for consumers and providers) is constrained to authenticated and authorised individuals. Remote management access is authenticated and directly associated to authorised individuals rather than group accounts. All managed systems monitored and access logged and tracked for auditing purposes
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISOQAR
• ISO/IEC 27001 accreditation date: 27/10/2023
• What the ISO/IEC 27001 doesn’t cover: Iomart's Statement of Applicability excludes the following controls:; - A.6.1.4 Contact with special interest groups; - A.14.2.7 Outsourced development - iomart does not outsource software development; - A.14.3.1 Protection of system test data - only artificially generated data is used for testing purposes
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: One Compliance Cyber Ltd
• PCI DSS accreditation date: 23/02/2024
• What the PCI DSS doesn’t cover: Hosting provider:; - application / software; - hardware; - infrastructure / network; - physical space (colocation); - storage; - web; - security services; - share hosting provider; ; Managed Services; - systems security services; - IT support; - physical security; - other services (PCI Compliant Infrastructure as a Service)
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Police Assured Secure Facility
  • NHS Data Security & Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials; NIST; PCI DSS level 1 service provider; NHS Data Security & Protection Toolkit; UK GDPR
• Information security policies and processes: Iomart maintains a comprehensive information security policy framework and has implemented an information security management system which has been assessed and verified as meeting the requirements of ISO27001:2013 by a UKAS accredited certification body.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Iomart's configuration and change management processes have been developed in line with the requirements of ISO 20000-1:2018 and ITIL. Changes are assessed for potential security impact as part of this process which is also aligned with PCI DSS and ISO 27001.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Iomart manages vulnerabilities according to an ISO27001 aligned policy and maintains membership of a pre-public disclosure forums.; ; This approach also aligns with PCI DSS and Cyber Essentials.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Iomart Protective Monitoring process is aligned with ISO27001:2013 control A.12.4 which details:; • Event Logging; • Protection of log information; • Admin & operator logs; • Clock synchronisation; • Incident Management
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Iomart incident management process is aligned with ISO27001:2013 control A.16.1 which details:; • The full incident management procedure; • Responsibilities & procedures; • Assessment of and decision on security events; • Response process; • Evidence collection; • Learning from incidents; ; This process also aligns with ISO 20000-1:2018 and ITIL.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: This is controlled at the Session-boarder-Controller (SBC) level where voice traffic is split into private instances. All stored information on the shared voice platform is also separated into separate instances

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Most of our energy use comes from electricity (to power and cool our data centres). So we’ve reduced our emissions through partnerships, world-first technology, and compliance.; 97% of our energy usage comes from our 12 data centres. So we’re setting ambitious carbon emission reduction goals with the aim of carbon neutrality.

  Equal opportunity

  With more than 400 employees we’re building a more diverse and inclusive environment with our values, partnerships and community outreach initiatives across the business.; We’re aiming for a technology-focused company, driven by purpose, with a genuine focus on wellbeing, diversity and equality.

Pricing

• Price: £2.75 to £14 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 5 users free trial for 1 month. This will give full functionality for that time period

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@iomart.com. Tell them what format you need. It will help if you say what assistive technology you use.