Callmy Alert Mass Notification
Callmy Alert is a mass notification, response and location service with integration capabilities.
Callmy Alert is used to support the delivery
of critical communications that require a fast response and could relate to business continuity, Civil Contingency events, emergency situations, cyber attacks or the mobilisation of key responders.
Features
- Mass Notification and Response,
- Message delivery options to dedicated smartphone app and desktops.
- Geo location services - target users in specific locations.
- Realtime Management Reports and user statistics.
- Permission based access.
- Active Directory integration & Secure SSO login option.
- Override end user devices on silent and DND.
- Includes Secure document storage.
- API, email and voice integration.
- Simultaneously notify multiple groups
Benefits
- Simple to use and cost effective to deploy.
- Speed communication to ensure a positive outcome.
- Lockdown and evacuate sites in seconds.
- Gather message responses and monitor realtime user feedback.
- Send messages from: web portal, email, phone call, or API.
- Send messages to: dedicated app & desktop PC's.
- Monitor end users locations to ensure wellbeing.
- Fast - send 2,000 messages per second
- Global Reach.
- Branded message content & message templates.
Pricing
£0.11 a user a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
8 8 2 2 2 3 4 5 3 9 6 6 4 5 3
Contact
Callmy Ltd
Tony Watson
Telephone: 020 31891250
Email: tony.watson@callmy.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- Standard service is provided during normal working hours. This can be upgraded if required.
- System requirements
-
- Administration access requires a Chrome or MS Edge browser
- The Callmy Alert iOS app requires iOS 8 or later
- The Callmy Alert Android app requires version 6 or later
- The Callmy Alert Windows app requires Windows 10
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Support questions are responded to within 4 hours
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Customers have access to the Callmy support team, which can be accessed by authorised contacts using dedicated phone and email access.
Standard Support - provided seven days between 09.00 and 17.00
Response to technical questions, received from authorised contacts via phone or email . Included as part of the standard price.
Enhanced Support - provided seven days 24 hours per day.
Response to technical questions received from authorised contacts via phone or email . This is charged at either £1,000 per annum, or 8% of the annual contract value, which ever is greater.
Provisioning requests - if required authorised administrators can request new service provisions between Monday and Friday during normal working hours. Included as part of the standard price.
Fault Reporting - authorised contacts can report technical faults, via phone or email, on a 24x7 basis - provided as part of the standard service delivery.
Training Support - Callmy Alert Administration training is provided as part of the standard service implementation and this can be conducted either on the customers site or remotely. Administrators have free access to online training material and can request additional remote training sessions as required. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- The Callmy service team will liaise with the buyer to configure the service as they require. They will also deliver training, either on site or remotely and provide access to training material - PDF and video.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- The authorised service administrator(s) will delete their data via the Callmy Alert Management Portal. The Callmy Alert service desk can also perform this task if required.
- End-of-contract process
- At the end of the contracts initial term, the customer has the option to extend for another agreed period; the minimum being 12 months, or to terminate. Callmy Alert will work with the customer to decommission the service and this does not incur any additional charges.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Chrome
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None - the end user experience is the same across all platforms
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AAA
- Description of service interface
- The Callmy Alert Management Portal provides full access to details of every aspect of the service. This includes message groups, administrators and their permission level, all current messages and their response data, an archive of all messages that have been sent and their response data, message templates, documents stored within the service and access to a live map that plots the location of users who have chosen to share their location via their Callmy Alert app. The Portal also allows for service configuration, user management & Active Directory integration.
- Accessibility standards
- WCAG 2.1 AAA
- Accessibility testing
- Our iOS and Android apps are build on core OS frameworks, allowing CallMy to take advantage of the full range of accessibility integrated into both iOS and Android Operating Systems. These include voice over of critical notifications, high contrast and colour support, text size adjustment. Testing is done in-house as part of the QA process prior to software release or update.
- API
- Yes
- What users can and can't do using the API
-
The Callmy Alert service is integration ready and can provide a centralised notification service for an entire network.
Once integrated Callmy Alert will automatically deliver the right information, to the right people at the right time.
Use cases include Fire Alarm systems, CAFM Software and Patient Monitoring systems.
Customers access and manage API integrations through a Swagger page. - API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
Buyers can publish messages to comply with their brand guidelines and also include their logo. This introduces an important benefit, during emergencies, as end users are less likely to confuse official "branded" messages with misinformation distributed via email, sms and social media.
Messages are edited by the customers authorised administrators, using the web based Callmy Alert Management Portal. Message templates can also be created for known and planned events.
Scaling
- Independence of resources
- The capacity of the Callmy Alert service is actively monitored and resource allocated, based on historic usage patterns and anticipated peak demands. If additional capacity is required, it is scaled into service to maintain availability and service levels.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Authorised administrators can view metrics on: numbers of users, message open rate, acknowledgment of message receipt, response details that can include name, email, a comment and GPS location. Additionally details of which users have activated their SOS alert are accessible - this data includes tracked GPS information and audio recordings captured during the activation. Also details of of users who have used their SOS timer are available. All information is time and date stamped and details of relevant durations are available. Details can be exported to Excel for further analysis.
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Data can be exported to Excel
- Data export formats
- CSV
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- Via integration with Azure Active Directory
- Manually
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Callmy Alert is a 99.99 available service and this forms part of the SLA
- Approach to resilience
- Callmy Alert is delivered from two Microsoft Azure ISO 27001 certified data centres and the application is operationalized to ensure there is no single point of failure. The Callmy Alert service backs up data in real-time and can automatically failover should the primary data centre become unavailable or a software component fail. The Service Level Agreement states that Callmy Alert is 99.99 available.
- Outage reporting
- Callmy Alert employs various services to monitor the hosting environment and application. These include Azure, Datadog, Pingdom and Twilio. Alerts are sent to the service management team using dedicated apps, sms and email.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Identity federation with existing provider (for example Google Apps)
- Access restrictions in management interfaces and support channels
- Administrators have to be added to the service via a secure Management Portal - this also defines their permission to access and manage Callmy Alert's capabilities. Administrators can only log in using their registered email address and password. It is also advised Administrators enable the services two factor authorisation feature. SSO is also supported.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
- Other
- Description of management access authentication
- Using OKTA SSO
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- Cyber Essentials
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
-
The Callmy Alert hosting environment is certified to IS027001.
Callmy Ltd is Cyber Essentials IASME Certified - Information security policies and processes
-
Callmy Ltd has information security policies in place to cover both internal business systems and also the security of the Callmy Alert service.
Callmy Ltd's Information Security policies and procedures are documented and are available on request.
Polices include: DPA Policy, Information Security Plan, Data Protection Impact Assessment, Data Breach Policy and Acceptable Usage Policy. The Policies are reviewed on a regular basis and changes are reflected in the documentation.
Incidents and issues relating to Information Security are reported to the CEO who ensures the appropriate procedure is followed.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Callmy Ltd employs a configuration process to systematically manage, organise, and control the changes in documents, code base, and other entities during the development life cycle. The components tracked include the core application, database, notification hubs, streaming service, web services and end user app. Regular tasks are managed and reviewed that include:
- Configuration Identification
- Baselines
- Change Control
- Configuration Status Accounting
- Configuration Audits and Reviews - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Callmy Ltd's development team assess the service for vulnerabilities on a monthly basis and these are logged in Microsoft Visual Studio Team Services. They are ranked as low, medium or high risk to enable the development team to make threat level/service impact assessments, allocate resources and plan deployments accordingly. This process is signed off by a senior manager and the rationale for the decisions taken logged - this forms part of the ongoing vulnerability management process.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Callmy Alert is monitored for:
- Invalid administrative login attempts.
- Exceptional network activity within the Azure environment.
- Exceptional levels or suspicious activity accessing the Azure environment; from email or voice, for example.
- Exceptional levels of activity from a device; app location for instance.
- Suspicious end user activity.
Various means of alerting key stakeholders of exceptional/suspicious activity and critical incidents are employed. These alerts prompt the response team to access Callmy Alert's audit logs to make assessments and employ remedies. The time to respond forms part of the SLA and this is attached to this submission. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Callmy Ltd has a pre-defined process for common events and this forms part of the Callmy Service Level Agreement.
Users report incidents either via the agreed support email address or phone number. These are logged and triaged for resolution. The user and main customer contact will receive details on how the incident is being managed/resolved - a post event report is provided to the user/main customer contact. This is report is also logged in the customer record on the Callmy Ltd's CRM system.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Callmy Ltd has a flexible working ethos and this enables staff to work from home to minimise their travelling, to help reduce their carbon footprint. Callmy Ltd has a policy to source products and services from environmentally aware suppliers and, by 2030, we aim to have a carbon neutral supply chain, be water positive, have zero waste certification and be net zero.
Pricing
- Price
- £0.11 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- The free trial covers the Callmy Alert mass notification service. It includes access for 2 administrators, up to 20 users and one message group. The trail is for one month and all service and support is freely provided.