TALKTALK BUSINESS DIRECT LIMITED

SIP Trunking

Provides flexible, cost-effective and reliable voice SIP connections between your PBX and network, in place of traditional lines. SIP Trunks can be carried over new or existing IP connectivity, and support your existing phone numbers. Benefits include increased flexibility, resilience, and reduced costs. Suitable for businesses of all sizes.

Features

• Voice connectivity
• Operates across new or existing internet connectivity
• New co-termed channels can be added at any time
• UK-based 24/7 customer service and technical professionals
• Available on SIP enabled and ready PBXs
• End-to-end Quality of Service (QoS)
• Spend management and auto suspend tools
• Multiple resilience options available
• Optional call manager portal
• International SIP trunks

Benefits

• Extends the life of your PBX
• Removes reliance on outdated technology such as ISDN
• Increased flexibility by quickly adding new channels
• Ensure issues are resolved effectively
• Supports a wide range of PBX systems
• Ensures voice quality is maintained
• Reduced, controllable and manageable costs through channel subscription model
• Increased resilience, aiding business continuity
• Increased control of inbound and resilience options
• Support overseas offices

£4.40 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.stokes@talktalk.business. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

796865119862071

Contact

Andrew Stokes
07976911843
andrew.stokes@talktalk.business

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Service levels apply for TalkTalk Business connectivity only.; ; Recommended minimum bandwidth is 126.4 kbps. ; ; Deployment across circuits will be subject to upstream/ downstream bandwidth limits and the primary PBX codec being used.; ; SIP Compatible PBXs only using either G. 711 or G. 729a codec standard (G.711 preferred for better voice quality).
• System requirements:
  • Existing SIP compatible and ready PBX – conformance list available
  • TalkTalk Business connectivity circuit of adequate size
  • Compatible Session Border Controller – conformance list available
  • Authenticated IP Address
  • PBX must have an appropriate SIP licence

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email and online tickets will be assessed on receipt and placed into one of three priority queues (with response times):; ; P1: Critical Fault. Loss of service. 9 clock-hours’ resolution, 24/7; P2: Partial loss of service. 3 working days; P3: Degradation of service. 7 working days; ; P1 faults will result in an immediate action plan, with likely resolution timescales, and agreed with the customer. All customer interactions will be managed though TalkTalk’s ticketing management system and customers kept up-to-date at all stages until resolution.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: The service offers the following support, which is included free with the service.; ; Faults can be raised 24x7, 365. Your case will be allocated to a cloud support engineer who will investigate the issue and either resolve the fault directly or raise a ticket and track the support case with our suppliers. Tickets will be prioritised according to the severity of the fault reported and tracked and managed through our published fault management process.; ; • P1: Critical Fault. Loss of service - 9 clock-hours’ resolution, 24/7; • P2: Partial loss of service - 3 working days’ resolution; • P3: Degradation of service - 7 working days’ resolution; ; We can be contacted by the following routes:; In hours – M-F (excl. BH) 8:30 to 17:15; Email: systemsupport@talktalkbusiness.co.uk; Phone: 0191 493 1120, option 1 or ; 0800 4661234, option 1 then option 3 ; Out of hours:; Email: b2booh@talktalkbusiness.co.uk; Phone: 0800 5426753; ; All customers will be allocated a named Account Manager who will have a team of dedicated Technical specialists that will support on any customer requirements.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We will appoint a dedicated project coordinator, responsible for the delivery of the service. The coordinator will determine the project’s stakeholders, contact details, design document and delivery steps. They will arrange a call to discuss the timelines and documentation, which we will share during the project, such as system data imports for users, call flows, porting documents and user guides. ; ; The project design will determine the type of training required. We will offer on-site training, remote sessions, guides or interactive self-paced learning or a mixture of all. We will encourage users to install their new device prior to bringing into service (BIS) so they can experience the new solution. This may be on their desktop via a softphone, mobile client or hardware, so users can then familiarise themselves with any new features. We can phase the BIS by moving users in departments or clusters, which can ease a large transition to a new platform. ; ; The SIP product provides an inbound and outbound number translation but, if additional services such as SIP Trunk Call Manager or inbound services are provided, then we can offer training material, through which a user can manage their own inbound numbers.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The system only holds CLI details and IP addressing. These are never required by the customer as they are not relevant if the service is ceased, therefore no data extraction would be required.; ; Former customers can initiate a right-to-be-forgotten request to remove their data that is held on our customer database. This will mean all service-related data will be deleted via existing internal data cleanse processes, documented on TTB’s online support centre (https://supportcentre.talktalkbusiness.co.uk/). We will also raise a data deletion request with our supplier.
• End-of-contract process: Once out of fixed-term contract all services will revert to a rolling monthly contract unless re-signed to a new fixed term. The customer will be given the option to renew. If they choose not to renew, then the service will be decommissioned. ; ; When a service is ceased, decommissioning will not be chargeable, and will involve the closure of any billing activity and removal of any service-specific data on our commissioning and billing systems. We also raise a data deletion request with our supplier. Customers can initiate a right-to-be-forgotten request to remove data held on our customer database.; ; The end of contract process will also be supported by the customer’s dedicated Account Manager, and TTB customer services will assist them with any queries or requirements. ; ; Current processes are documented on TTB’s online support centre (https://supportcentre.talktalkbusiness.co.uk/).

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The optional SIP Trunk Call Manager web-based dashboard offers a suite of inbound call handling tools, including full and direct control of your inbound numbers and implementation of routing features such as call diverts, system announcements and network-based queuing. These tools are suited to businesses that want to offer a high level of customer service, organisations looking to deal with incoming sales enquiries effectively without missing a call or organisations making a step change in the way they handle business continuity. These tools can be tailored to every individual’s needs and can be adapted instantly via web and app control.
• Accessibility standards: None or don’t know
• Description of accessibility: SIP Trunk Call Manager is easy to navigate and accessed via a web browser. Users with disabilities or sensory impairment can use their available browser settings to alter aspects such as font size and colour contrast to ensure the service is accessible to them. Some browsers, including Google Chrome, Safari, and Mozilla Firefox, also support text to speech. Documentation and other resources that support accessibility are available.
• Accessibility testing: N/A
• API: No
• Customisation available: No

Scaling

• Independence of resources: Each customer will have their own PBX and a dedicated connectivity service, therefore they won’t be affected by the demands of other users. Deployment to existing services will be subject to upstream/ downstream bandwidth limits and the primary codec of the PBX. The service can use dedicated internet-based connectivity, therefore no other (data) traffic will impede the SIP service subject to the usual limitations of internet services.

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics and statistics can be provided via the SIP Trunk Call Manager platform. Users can sign up for daily, weekly or monthly emails containing either a csv file of all the advanced statistics for the specified period, or a summary csv file with high-level statistics for each number within the account. Up to 3 email addresses can be designated to receive reports. Service metrics will include:; •Call handling performance in real time.; •Monitor vital key call metrics.; •Call routing.; •Received call statistics ; •Call answer waiting times.; •Volume of calls answered by set times of day
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Gamma Telecom

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Data at rest is encrypted. There is an access control policy that forms part of the Security Policy covered under ISO27001 Accreditation. We also have a data security standard that details the requirements for classification, storage, use, processing and destruction of all data. Data is protected through role based permissions set by the Security Team. The access control policy and data security standard are both internal documents, so we are unable to share them.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The only data that will be held are contact details, endpoint locations, DDIs and IP addresses. These cannot be exported.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: Call data records are transferred to TTB from its supplier using Secure File Transfer Protocol (SFTP). SFTP ensures secure file transfers by providing a variety of alternatives for strong authentication during digital communication and data transfer. SFTP uses the Advanced Encryption Standard (AES) to encrypt data, using a mathematical process involving prime numbers to encrypt data with a specific key. Users will require both the key and login rights to access data transferred in this way.

Availability and resilience

• Guaranteed availability: Across the core service we report a target SLA availability of 99.99%. ; ; Delivered availability will be dependent on the availability of the underlying connectivity service.; ; Regarding refunds where an SLA is not met, agreed customer service credits will be applied and paid in line with customer contracts.
• Approach to resilience: Data centre: Our supplier holds ISO 22301:2012 Business Continuity Management accreditation; further information can be provided on request.; ; By default, SIP Trunking offers a single site connection to a single Session Border Controller (SBC) High Availability (HA) cluster in the core. Customers can choose optional active/ active or active/ standby configurations.; ; Active/ Active offers dual endpoints in loadshare mode working off geographically-diverse, highly-available connection resilience. For this configuration, all traffic will be split between two load-balanced primary SIP trunks and, in the event of failure of one of the trunks, all calls will automatically route to the second, active, trunk.; ; Active/ Standby offers dual endpoints in active/ standby mode working off geographically diverse, highly available connection resilience. For this configuration, all traffic will route via a primary SIP trunk and, in the event of failure of the primary trunk, all calls will automatically route via a secondary SIP trunk.
• Outage reporting: TTB has an Integrated Operation Centre (IOC) that will send the Incident Communication as per the Major Incident Communications Content & Distribution Lists document via email alerts.; ; TTB will prioritise the incident according to the criteria and record the appropriate value for each of the following categories: ; · Service ; · Incident Type ; · Work Type ; · Reported Source ; · Product Categorisation Tier; ; Our Internal and/or External Communications teams will send an email to all recipients in the Major Incident Communications Content & Distribution Lists document, describing: ; · Impact ; · Symptoms ; · Manual workaround (if available) ; · Instructions or additional information for customers and/or agents (if available); · Provide a progress update; ; Email alerts will be provided in the event of a major service outage (MSO).

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: To restrict access, SIP Trunk Call Manager is accessed by account name and password, and management ports are managed by TTB on the portal. Customer administrators can be created to control access and set the privileges of all users. Additionally, these administrators can create and remove access in line with their own security policies.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 23/09/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SecureTrust
• PCI DSS accreditation date: 21-09-21
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: TTB has a Master Security Policy in place and operates an Information Security Management System via its Security Operations Centre (SOC) for the reporting of all potential security breaches. The system is based on industry good practice (NIST CSF, PCI DSS) and is externally certified to ISO 27001. This covers a range of policies and procedures to ensure the confidentiality, integrity and availability of information, e.g., Master Security Policy, the Privacy Policy and the GDPR Policy.; ; The reporting of any security incidents is done directly to the Security team security@talktalkplc.com via the phishing report message button in the email toolbar. All incidents logged will go into the Security Team to process and escalate into the Head of Security, if required. All colleagues attend mandatory annual security training to ensure they meet audit standards around data handling requirements and encourage them to share the responsibility for protecting data at all times.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Services components are logged/tracked by the SIP Portal and managed by our Voice Operations team with online portal/database records kept. ; ; Change management is assessed, logged, and tracked through our Service Management tool, from the point at which we raise the initial change request until that change is closed off. ; ; Everyone involved in this process has the requisite training. Managers of teams carrying out changes will be accountable for the quality of the work undertaken by their teams.; ; Security impact will be assessed through a risk assessment and structured model to ensure all risks are captured and clearly identified.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We scan via InsightVM software both our on-premises and cloud infrastructure for vulnerabilities every week. Security patches will be deployed at the next available patching window (usually monthly) and we have a monthly governance meeting to discuss vulnerabilities remediation activities.; ; Our Vulnerability Manager/Threat Intel Specialist and SOC team proactively monitor security intelligence feeds and vendor announcements to gain information about potential threats. On detection, we work with Operational teams to ensure that remediation is completed. If a security advisory is deemed Critical to our infrastructure, we manage it via security incident management processes.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We identify potential compromises through real-time monitoring of key perimeter and host-based systems alerting into 24x7 SOC as well as regular structured threat hunting based on current cyber threat intel; and established incident reporting processes between suppliers/colleagues/our 24x7 SOC.; ; Potential compromises will be prioritised based on business impact/likelihood of escalation, then managed to resolution or escalated to our Intrusions and Investigations team. The focus is on containment and eradication with considerations for forensic analysis, recovery and post incident improvements.; ; The SOC responds to all incident reports immediately but will focus attention on priority incidents based on the pre-defined triage.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Within TTB’s Incident Management process, common events such as alerts and alarms will be picked up by the 24/7 Integrated Operations Centre team. Impact and urgency will be assessed, and if the incident is customer-impacting, an Incident ticket raised. ; ; Communication will be sent out by our Gateshead Service Centre detailing the issue. Periodic progress updates/reports and resolution communications will also be sent via email. Depending on the issue appropriate technical operational resources will be engaged to support the fix.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The TalkTalk Business’s Executive Committee meets regularly to review identified and emerging risks, which inform our strategic planning process. This is reviewed by the Board, which has identified and is monitoring emerging risks around the long-term implications of climate change and will be featured in upcoming climate-related financial disclosures. ; In November 2020 TalkTalk Business committed to a Science Based Target (by signing the Business Ambition for 1.5 Degrees) for its carbon emission reductions, to achieve net zero by 2050. Since then, our near-term targets have been validated. ; Key actions include:; • Switching to a renewable electricity tariff, which we have completed, and switching to green gas by 2026; • Changing from diesel to biofuel for back-up generators, to be completed in 2024. ; • Company car policy requiring all fleet vehicles to be petrol, hybrid or electric. Transition has commenced, with initial EV orders placed for the fleet ; • Third party environmental policy with requirements to measure and report carbon footprint and specific product carbon footprint – as of 2023, over 80% of our suppliers have committed to, or set, science-based targets. ; TalkTalk Business has reduced scope 1 and 2 emissions by 94% over 5 years (FY18-23) and reduced energy in its operations by 23% in the same time period. ; TalkTalk group has science based targets to reduce scope 3 emissions by 42% between FY20 and FY30.

  Covid-19 recovery

  The COVID-19 period challenged TalkTalk Business, and during lockdowns, mitigations included: ; • Measures to ensure the health and safety of our workforce and customers whilst we continued our provision of critical services. ; • Focusing on employee wellbeing by introducing training for People Managers, implementing new guidance around wellbeing support and regularly surveying colleagues on their wellbeing to inform our policies. ; • Prioritising service of customers with vulnerable end-users and enhancing our digital service support for all customers ; • Working with key partners to expedite home-working solutions for customers to ensure they could continue to operate effectively. ; ; We adapted our corporate responsibility work to tackle acute needs and support the most vulnerable in society. We made donations to local efforts to counter exclusion and vulnerability due to the pandemic, including: ; • Salford Food Share Network to provide emergency food support; • Donating laptops to Salford College to support home-learning. ; • Working with local charity the Hamilton Davis Trust to support the production of Personal Protection Equipment for local health workers, providing financial support and office space to their operations for several weeks. ; ; Post COVID-19, we turned our attention to how we could help our customers and communities to recover: ; • We worked with Salford Community & Voluntary Service and NHS Salford to fund a Youth Wellbeing Fund, which offered funding to projects aimed at boosting wellbeing; • We offered free broadband to jobseekers via the DWP; ; To continue supporting post-pandemic recovery, we are helping organisations focused on reducing isolation and loneliness. For example, we provide connectivity to The Branch free of charge, which supports their Computer Corner, through which they support service users to develop online skills. We also provide a dedicated leased line to The Samaritans Manchester branch at no cost, allowing them to manage inbound calls more effectively.

  Tackling economic inequality

  As well as paying our colleagues the real living wage, our commitment to good employment, previously as part of the wider TalkTalk Group, has been recognised by the Greater Manchester Combined Authority, as we were accredited as a Member of its Good Employment Charter. To achieve membership status, we took part in a thorough assessment, which was reviewed and approved by a technical review panel and Charter Board. We offer employees training with clear development paths that address skills gaps and result in recognised qualifications to support further career ambitions. ; ; We are proud to be a Salford business committed to building strong connections within our city. We’ve been involved in initiatives to promote social wellbeing and economic growth in the region, including: ; • Working with the Department for Work and Pensions (DWP), supporting local employment initiatives and hosting virtual jobs fairs for vulnerable demographics. ; • Participating in the Kickstart scheme to offer paid placements to young people, with 3 of the young people securing permanent roles within TalkTalk Business. ; • Our Employee Networks partner with local organisations like the Proud Trust, Salford Pride and the University of Salford, and we promote local volunteering opportunities to our colleagues, including trustee positions in local charities. ; ; We will develop working practices and partnerships with activities to support relevant sector-related skills growth in the contract workforce during the Framework. ; ; For example, we currently provide connectivity to The Branch, free of charge, which supports their Computer Corner, through which they help service users apply for jobs and learn computer skills. We also provide a dedicated leased line to The Samaritans Manchester branch at no cost, allowing them to manage inbound calls more effectively, and providing a lifeline to people struggling to cope with socio-economic and personal challenges.

  Equal opportunity

  TalkTalk Business celebrates diversity and is an inclusive place to work, treating everyone fairly with diverse representation at all levels and areas. There are no barriers to progression and appointments are based on merit. ; ; Our programmes to promote equal opportunity include: ; • Women in leadership roles - we have strong female representation right at the top; and have set aspirational targets when recruiting women, with a particular emphasis on middle and senior leadership. As a result, our proportion of women in these roles has grown over the last 12 months. We seek formal development paths for our female talent and participated in a ‘Women in Leadership’ apprenticeship programme that was created in partnership with the apprenticeship provider, Raise the Bar. This saw a 70% increase in promotions for participants. ; • We provide support for Ambitious about Autism, the national charity standing with autistic children, young people and their families. As part of the pioneering internship programme, Employ Autism, we have recruited interns to teams across the business, in roles from regulation to procurement and commercial. ; • We publish our Gender Pay Gap report annually. Our mean pay gap of 10.4% has reduced from 12.9% in 2019. This reduction has been due in part from promoting female talent. ; • As part of TTG, our employee networks were very successful. Our BAME employee network, Empower, mentors young black students at the University of Salford, responding to higher than average drop-out rates. This has had a positive impact in its first year. At TTB, we are looking to continue this success by establishing our own employee network groups. ; ; As part of TalkTalk Group we’ve previously achieved the ‘Inclusive Top 50 UK Employers List’ for best practice across all strands of diversity.

  Wellbeing

  Initiatives to support the mental and physical wellbeing of our workforce (which we will continue during the framework) include: ; • Our Give Something Back policy offers three paid volunteering days per year and encourages local volunteering to promote community connection. We are currently organising a ‘donate your time and talent’ programme to support local care homes during Dementia Awareness week in May 2024.; • Our Wellbeing Community employee network shares resources and hosts events on physical and mental health and wellbeing, e.g. discussions on male mental health. Network members are champions across the business, creating blogs, interviews and podcasts about wellbeing. ; • We recognise mental, physical, financial and social risks for various roles and offer employee support resources; • Employee Assistance Programme with free 24/7 access to advisors or website resources in app form, which has been very positively received. ; • A Financial Wellbeing Portal helps colleagues to manage and monitor their financial health. ; • Employer contributed Private Medical Insurance offered to all colleagues, along with Digital GP service and regular wellbeing Webinars from provider Aviva.; • Hardship loans to support colleagues with short term no interest loans in times of financial crisis. Our employee forum, OneVoice, includes quarterly Health, Safety and Wellbeing meetings to ensure colleague confidence in our processes.

Pricing

• Price: £4.40 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.stokes@talktalk.business. Tell them what format you need. It will help if you say what assistive technology you use.