ABZORB SYSTEMS LTD

Abzorb Mobile Management Portal

Abzorb's Airtime management Portal, has live backend integrations to O2, Vodafone and EE. This allows several transactions to be initiated on the Portal, which are translated into scripts written directly on to the mobile operator's provisioning systems.

Features

• Real-time mobile SIM changes
• Real-time usage tracking
• Instant SIM Activation
• Instant SIM Deactivation
• Instant SIM Swap
• Write Scripts Directly on MNO Backend
• Fully integrated with O2, Vodafone and EE
• Manage Existing Estate of SIM Cards
• Enable/Disable 5G, WiFi Calling, Roaming, MMS, SMS and Voicemail
• Enable / Disable Inbound / Outbound Calls

Benefits

• Instantly manage your SIMs without an MDM
• Integrate directly with the 3 largest MNOs
• Instantly onboard new SIMs
• Instantly deactivate users at network level
• Query usage directly from MNOs

£6.50 a user

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@abzorb.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

754517822028295

Contact

Dean Al-Sened
07789050205
frameworks@abzorb.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/a
• System requirements:
  • Google Chrome Preferred
  • Other Chromium-based browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All queries dealt with within 1 working day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Web Chat is integrated into our telephone system. Web Chat sessions are queued along with telephone calls, within our helpdesk.; ; Accessible using widget on the Portal.
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: Access to Abzorb 3-tier helpdesk is included free of charge. Unlimited support is available between the hours of 8am and 6pm, with the ability to log faults with the out of hours team, 24/7/365.; ; Dedicated Account Manager provided to any customers with more than 50 connections administered through the platform.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Full unlimited remote training is provided before using the service for the first time and provided on-request, at no cost, throughout the agreement.
• Service documentation: No
• End-of-contract data extraction: Some data is exportable directly from the Portal, into a CSV. Other data can be requested from the Support Desk.
• End-of-contract process: Access to the portal is revoked. Data can be requested to facilitate an orderly transition to a new provider.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Service Interface allows Administrators to:; - Administer new users; - Administer Departments within their organisation; - Toggle permissions for individuals; - View audit logs for users within their orgnaisation
• Accessibility standards: None or don’t know
• Description of accessibility: Standard web-browser/app access with standard accessibility options associated with those web-browsers/apps.
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: All functionality accessed through web front end, can be actioned through API, including:; ; Activations and Deactivations; The instant activation of new SIMs and instant deactivation of any live SIM, within the customer estate. ; ; Barring and Unbarring; The following services and can be barred or unbarred for any SIM, either individually or in bulk:; 1. Incoming Calls; 2. Outgoing Calls; 3. Handset (IMEI) Bar; 4. Premium Rate Calls; 5. UK Data; 6. International (UK to Abroad) Calls; 7. SMS Incoming; 8. SMS Outgoing; 9. MMS Incoming; 10. MMS Outgoing; 11. Roaming Bar (Calls and Data); 12. Roaming Bar (Calls to UK Exempted); 13. Roaming Bar (Incoming Calls Barred); 14. Roaming Bar (Data Barred); ; Amend SIM Services; The following services and features can be enabled and disabled for any SIM, either individually or in bulk:; 1. Divert On/Off (to any destination); 2. WiFi Calling; 3. 5G
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can toggle individual services on/off in relation to the Administration of SIMs, including SIM Changes, Barring, adjusting Network Features and Adjusting tariffs and caps.

Scaling

• Independence of resources: Abzorb deploys additional servers as the service grows (in terms of number of connections).

Analytics

• Service usage metrics: Yes
• Metrics types: Usage of the Portal, as well as usage of each task type, for example Voicemail added, MMS removed, 5G Enabled, WiFi Calling Disabled. Usage is broken down by time, user and department.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Most data can be exported from the Portal, but some can be requested from the support desk.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.99%
• Approach to resilience: Available on Request
• Outage reporting: Automated notifications by SMS, Email, API and Internal Collaboration Tools (for internal notifications).

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access throughout Portal Access, with permissions set for each user-type.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 13/09/2019
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Security Metrics
• PCI DSS accreditation date: 06/12/2021
• What the PCI DSS doesn’t cover: The PCI/DSS certification covers our primary IP address.
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Abzorb has implemented a technology-based solution to administer all of its ISMS Policies, which include:; ; Acceptable Use Policy; Access Control Policy; Clear Desk Policy; Communications Policy; Data Protection Policy; DEVOPS Policy; Digital Security Policy; Disposal Policy; Fixed Asset Management Policy ; Information Lifecycle Policy; Physical Security Policy; Retention Policy; Supplier Access Policy; ; The IS Manager regularly meets with Senior Managers to ensure all employees are adhering to these policies.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Requests can be one of two types:; • New Project (A completely new report, system or technology implementation).; • Request for Change (RFC). (An alteration or amendment to an existing report, system or technology implementation); ; Anyone can request a new project or submit a request for change by making use of forms that are available in the central document store, accessible to all employees.; ; Customers and Indirect business partners may submit RFCs via their business development manager (BDM).; ; The RFC is assessed by the management team and, when approved, assigned to the relevant work schedule.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: • All information assets are identified (or reviewed) by the directors.; • A classification is assigned according the relevant scale.; • All assets have a value assigned based on the worst-case impact in terms of loss of confidentiality, integrity or availability.; • A decision is made as to whether an asset requires further assessment ; • The impact of threats being exploited and the likelihood of that happening are assessed and the resultant score is multiplied by the asset valuation score to derive the adjusted score.; • Assets with an adjusted score> 24 must be added to the risk treatment plan.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Abzorb uses full Next-Gen Firewalls to provide full IPS, IDS and Anti-Malware Protection - they also provide realtime monitoring of network activity, reporting daily via email. Our Mimecast email security reports weekly on threats, trends and behaviours. We also subscribe to the NCSC's daily threat detection service. Any incidents are alerted to the Information Security team. ; ; The IS Team will create a case for any security incidents within 30 minutes of being notified and update all users regularly on its progress. Once resolved a RCA is conducted and reported back to the Senior Management Team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Abzorb has utilised the ITIL4 framework in order to design our Incident Management practice. ; ; Abzorb’s Incident Management process can be triggered in a variety of ways. A user/customer may report an issue, a member of our team may notice a potential or actual failure, or an incident many be raised automatically by one of our monitoring systems. ; ; Our self-care portal acts as the central repository to log and track incidents. Furthermore, at every stage in Abzorb’s Incident Management process, we have incorporated automation wherever possible in order to increase efficiency and restore normal services promptly.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Abzorb considers itself to be aware and mindful of the business’ sustainability impact and we continuously aim to improve this measure. We understand that climate change is a significant threat to our future and that we have a duty to reduce the environmental impact our business makes. We approach sustainability issues as a collective, enabling Abzorb to make a bigger difference.; ; Abzorb are also working towards achieving the ISO14001 Environmental Management accreditation, which we aim to have completed by September 2022. ; ; Abzorb has invested in technology, to help deliver its ISO14001 Environmental Management System. This investment has already helped deliver on the following environmental activities:; • Implementing best practices to ensure minimisation of waste generation.; • Increase our usage of rapidly renewable materials.; • Purchase more products which have an identifiable recycled content.; • Managing and updating all EMS documents.; ; Abzorb calculates its carbon footprint and publishes a Carbon Footprint report each year. This is completed in accordance with PPN 06/21 and the associated guidance and reporting standards. In 2020, Abzorb reduced its total use of greenhouse gases by 24% (kg of CO2e).; ; Abzorb is aiming to reach Carbon Net Zero by 2050, and we continue to make changes to our carbon output each year in order to meet this target.

Pricing

• Price: £6.50 a user
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Trial for up to 25 End Users, for up to 1 month provided at no cost.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@abzorb.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.