Cinos

Cinos Cloud Unified Communications as a Service

Cinos Cloud Unified Communications leverages best-of-breed, open-standards Cisco technology.
A Cisco-powered cloud delivering robust, always-on IP telephony, video conferencing, instant messaging, switchboard, omni-channel contact centre and full reporting, recording and billing for users in any location on any device. Public, private and hybrid cloud options delivered from UK-sovereign data centres.

Features

• Office telephony and soft clients for user mobile/tablet/laptop
• UK sovereign service delivered via HSCN/Internet/private circuit
• Microsoft Teams integration for calling and video
• Resilient switchboard for critical front line services
• Robust, Reliable, always on, fully-managed communications
• Includes Cinos SIP PSTN and connectivity services
• Voice, video and conference calling, including MDT
• Integrates with third-party video (Microsoft Teams/Zoom/Google)
• Includes options including call queue, attendants, recording
• Interoperates with legacy paging and analogue systems

Benefits

• Supports Integrated Care System communications strategy
• Utilises existing investment in licensing and technology
• Fully Inclusive Concierge and Technical Support Service
• A Unique, Predictable Licensing and Commercial Model
• Enables the use of both critical internal comms and cloud
• Supports omni-channel contact and single point of access centres
• Bring existing telephone number ranges and port if you leave
• Offers competitive bundled minutes or set rates for external calls
• Adds calling to Microsoft E1/E3 without additional MS licensing
• Supports agile working and work from anywhere

£4.93 to £130.25 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@cinos.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

809551013778712

Contact

Jody Faulkner
07869370406
bids@cinos.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: The solution is designed to be highly available and is serviced from multiple UK sovereign data centres. Cinos performs on-going maintenance on the platform to ensure availability, but always on the basis that end user services shall remain operational.; ; For complete interoperability between Stellaris and Microsoft Teams, Cinos requires the ability to configure Cloud Video Interop (CVI) and Direct Routing within the Microsoft tenant.
• System requirements:
  • Underpinning connectivity - HSCN, Internet / SD-WAN or private circuits
  • LAN: Voice VLAN, Quality of Service, CDP / LLDP-MED

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Our response times are based upon priority of the incident:; ; P1 - Severe Business Impact - 15 minutes; P2 - High Business Impact - 30 minutes; P3 - Medium Business Impact - 2 hours; P4 - Minor / no Business Impact - 4 hours; P5 - Service Request / Service Query - 1 business day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We offer varied Service Level Agreements based on deployment model: ; ; • The Service Level Agreement (SLA) for Standard Private or Community Cloud is 99.9% ; • The Service Level Agreement (SLA) for Cloud HA Private or Community Cloud is 99.99% ; • The Service Level Agreement (SLA) for Hybrid Cloud is 99.99%. ; ; There is no cost implication for the differing support levels; the support level is derived from the deployment model chosen.; ; We provide a named Technical Account Manager for all of our customers, providing a point of escalation, a named contact for service queries and technical update / roadmap workshop sessions
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: In order to fully understand your business objectives and produce an appropriate design to fully meet requirements, we offer a number of workshops to gain a comprehensive understanding of your organisation. This information, combined with detailed benefits analysis enables Cinos to provide the perfect solution to meet your business need.; ; While we have industrialised and standardised our approach as far as possible, we appreciate that each of our customers and their requirements are unique. Our typical on-boarding process follows a closely aligned PRINCE2 methodology which incorporates the following key stages:; ; • Initiate and Assess; ; • Plan and Design; ; • Procure; ; • Implement; ; • Prepare; ; • Handover and Transition; ; • Benefits Realisation
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: In the event you wish to leave our service, we will meet all necessary obligations in order to enable a smooth transition of service, including the release of any software licenses to you.; ; Service cessation should be initiated by request in writing, where we will be happy to work with you define a service cessation plan.
• End-of-contract process: In the event you wish to leave our service, we will meet all necessary obligations in order to enable a smooth transition of service, including the release of any software licenses to you.; ; Service cessation should be initiated by request in writing, where we will be happy to work with you define a service cessation plan.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The AXL API provides a mechanism for programmers to make several types of changes to the Cisco Unified CM Database using XML and the SOAP interface.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: The service is fully customisable from a number of viewpoints. Firstly from the services deployed, customers can simply consume the calling platform, or choose to add voice messaging, Microsoft Teams integration, compliance recording, attendant/operator consoles. The service architecture is customisable in that customers can choose full cloud, hybrid cloud, or even managed premise cloud. In addition customers can choose the level of resilience they need, with the option to add on-premise reduncancy should connectivity to the cloud fail. Reporting and analytics is fully customisable to allow you to view the statistics and data you find most useful. The Cinos service too can be customised to provide the SLAs and service 'wrap' you need to meet your business requirements.

Scaling

• Independence of resources: In order to guarantee that users are not affected by the demands from other users, Cinos uses resource reservations and shares such as internet bandwidth shaping. In addition, the capacity planning team ensure that usage in terms of all resources are constantly monitored and increased accordingly relating to user demand.; ; Services provided by Cinos are multi-instance, rather than multi-tenant, meaning that each customer gets their own dedicated instance of the service.

Analytics

• Service usage metrics: Yes
• Metrics types: These metrics include average/max CPU usage, average memory usage, average disk write/read speed and disk provisioned/utilised for VMs in all regions
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Cisco

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Customers are encouraged to protect their own data using encryption technologies where only they have the decryption key. In this way, our customers are assured that their data can never be accessed by a third party.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Authorised users may export end user and configuration data from the service administrative interface. Exported data is typically downloaded as .CSV
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We offer varied Service Level Agreements based on your deployment model:; ; • The Service Level Agreement (SLA) for Standard Private or Community Cloud is 99.9%; • The Service Level Agreement (SLA) for Cloud HA Private or Community Cloud is 99.99%; • The Service Level Agreement (SLA) for Hybrid Cloud is 99.99%; ; If the service level falls below the stated availability percentage (excluding Planned and Emergency Maintenance periods), customers will be eligible for Service Credits on affected Unified Communications and Collaboration applications only. Service Credits will be calculated as a percentage of the fees for the affected services for the monthly billing period during which the failure occurred (to be applied at the end of the billing cycle).; ; The Service Credit for a Standard Deployment Model is 5% of the affected applications monthly spend.; ; The Service Credit for a Cloud HA Deployment Model is 15% of the affected applications monthly spend.
• Approach to resilience: Available on request
• Outage reporting: All outages will be reported via email. Outages are identified as Planned maintenance, Emergency maintenance, and platform issues. In addition, the designated Technical Account Manager will proactively contact customers as appropriate.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: For online systems (e.g. Customer Portal & API interfaces), all users are required to have a unique username, password and memorable word combination. Customers may also use 2FA authentication tokens.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bmtrada
• ISO/IEC 27001 accreditation date: 11/03/2026
• What the ISO/IEC 27001 doesn’t cover: No exclusions.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Company is governed by an integrated suite of information security policies. Under the top level Information Security Policy itself are second-level documents with specific focus on Acceptable Use, Antivirus Protection, Asset Management, Business Continuity Management, Data Protection, Password Management, Personnel Management, Supply Chain Management and many others.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Cinos has documented configuration and change management policies and processes, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 standard.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Cinos has a documented vulnerability management policy and process, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 and ISO27001 standards. Where technically possible, real-time updates and status reports are identified and sourced from credible vendor sources, which cover a significant proportion of our asset population. For other systems and software, assigned personnel have responsibility for regularly reviewing technical forums and specialist groups to promptly identify and evaluate any emerging patches or updates which require our attention.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our service is based upon Cinos own cloud infrastructure. Following best practice from the National Cyber Security Centre, Cinos protects its cloud platform with enhanced protective monitoring services (SIEM), at the hypervisor level and below. Our approach to protective monitoring continues to align with the Protective Monitoring Controls (PMC 1-12) outlined in CESG document GPG13 (Protective Monitoring for HMG ICT Systems). It includes checks on time sources, cross-boundary traffic, suspicious activities at a boundary, network connections and the status of backups, amongst many others. All alerts are immediately notified to the NOC for prompt investigation.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Cinos has a documented incident management policy and process, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 and ISO27001 standards. This activity is responsible for the progression of alerts generated by automated monitoring systems, issues identified by personnel, and incidents identified and reported. All incidents are promptly reported into a central ticketing system, which ensures that each is promptly assigned to an appropriate resource, and its progress tracked (and escalated, as required) to resolution.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Cinos is committed to fighting climate change and delivering environmental benefits in the performance of our contracts, including working towards net zero greenhouse gas emissions. Our ISO14001-accredited Environmental Management System ensures that business activities are managed to increase sustainability, and work towards net zero greenhouse gas emissions by 2047, as demonstrated in our Carbon Reduction Plan, in alignment with PPN 06/21 (https://www.cinos.net/our-company/carbon-reduction-plan/). ; As part of all our contracts, we take the following environmental measures: ; • Promote Circular Economy: We will implement a comprehensive equipment lifecycle management strategy, focusing on extending the lifespan of hardware. Instead of disposing of equipment, we will explore opportunities for reuse. Equipment that cannot be reused will be dismantled at component level to meet out 0% to landfill commitment, recycling component materials in-line with the EU's Waste and Electronic Equipment (WEEE) Directive 2012/19/EU. ; • Drive Packaging Innovation: Promote recycling and explore sustainable packaging to reduce waste and minimise environmental impact.; • Substances and Process Elimination: We will actively remove the use of substances and processes that adversely affect the environment. ; • Supplier Commitment: We will only obtain services, equipment, and power from providers, manufacturers, and vendors who are committed to environmental protection. ; • Sourcing and Recruiting Locally: We will prioritise local recruitment and sourcing of suppliers to minimise business travel requirements. ; • Delivering Environmental Training: We will provide environmental training to our staff and supply chain. ; • Utilising Collaboration Technologies: We will leverage collaboration technologies to reduce the need for physical travel. ; • Using Electric and Hybrid Vehicles: We are phasing out the use of diesel-powered vehicles promoting cleaner transportation and reducing air pollution. ; • Energy Efficiency – We are delivering an ongoing programme of upgrades and renewal to HVAC, insulation, and other systems to reduce energy consumption, carbon emissions.

  Covid-19 recovery

  Cinos confirm that on request we are able to provide Social Value deliverables that support Covid-19 recovery on a contract by contract basis as requested by potential Buyers.

  Tackling economic inequality

  Cinos confirm that on request we are able to provide Social Value deliverables that support Tackling economic inequality on a contract by contract basis as requested by potential Buyers.

  Equal opportunity

  In the delivery of this Service, Cinos will deliver Equal Opportunity in line with the Social Value Model as follows;; As a Disability Confident employer, Cinos provide equality of opportunity for anyone with visible and/or non-visible disabilities. We ensure that our supply-chain share our values and disabled employees are fully-supported. Processes ensure we understand the issues affecting representation of disabled people in the workforce. We provide all speciality equipment for employees to fulfil their duties from any location so there are no barriers to any employee performing their role.; Cinos provide employment opportunities for all, regardless of gender, age, ethnic-origin, religion, sexual orientation, or disability. We promote the principles of equality and diversity in all dealings and hold Investors-in-People (Gold) and Living-Wage accreditations. We offer a range of accessible opportunities within our recruitment process with working-conditions promoting an inclusive working environment, including flexible and remote working. We’re committed to providing a working environment free from discrimination.; We support all employees in upskilling and progressing in their career with training budget allocated to every individual, alongside quarterly appraisals. Everyone has equal access career-development opportunities aligned to experience and ability. We take appropriate positive-action measures to provide specialised training and support for groups that are under-represented in taking-up training and career-development opportunities. Our apprenticeship program provides employment and training for candidates from local colleges and universities resulting in a job offer.; Cinos are committed to the avoidance of Modern-Slavery within our organisation and supply chains. We only work with suppliers who have embedded sustainable and ethical practices within their organisation; reporting in line with the UN Guiding Principles Framework and the Modern-Slavery Act and ensuring that our commitment to delivering social benefits and upholding human rights is disseminated through our Impact Report, Modern-Slavery Act statement and Sustainable Procurement Policy.

  Wellbeing

  Cinos confirm that on request we are able to provide Social Value deliverables that support Wellbeing on a contract by contract basis as requested by potential Buyers.

Pricing

• Price: £4.93 to £130.25 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@cinos.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.