SotaVOICE
SotaVOICE – Presents your organisation to the outside world as a co-ordinated and connected, singular organisation, even though your people may be distributed in different offices, at home, or even across the globe.
Features
- Make and Receive Calls -VoIP
- Teams integration
- Auto Attendant
- Desktop and mobile app
- PCI compliant call recording
- SIP trunks
- Phone numbers
- 24/7 UK Service Desk
- Managed handsets
Benefits
- Accessible from any location
- Highly available and resilient
- SLA backed services
- 24/7 monitoring & support
- Low cost calling
- UK base datacentres and support
Pricing
£6.50 a unit
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 8 2 6 7 8 7 9 3 6 2 9 8 3 6
Contact
Sota Solutions Ltd
Sales Enquiries
Telephone: 01795 413500
Email: tenders@sota.co.uk
Service scope
- Service constraints
-
Our pre-sales team will engage with you to fully understand your requirements for handsets, auto attendant, call recording etc requirements to ensure the best configuration of services is identified.
Any constraints will be identified and highlighted at this point.
Outside of the technical requirements, there are very little constraints on the use of the service. - System requirements
- The customer's broadband could affect call quality
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Server Support Essentials - Mon-Fri 08:00-18:00
High Priority Incident Response < 2 Hours
Standard Priority Incident Response < 4 Hours
Server Support PRO - 24/7
High Priority Incident Response < 1 Hours
Standard Priority Incident Response < 2 Hours - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
Sota provide four levels of user support, SotaSupport User Essentials, Essentials +, PRO and PRO +.
Essentials provides Monday to Friday 08:00 - 18:00 support and so is ideal for non-business critical systems.
PRO provides 24/7 support as well as customer 3rd party vendor collaboration and engineer managed patching.
See SotaSupport User Matrix for full details of service levels and costs. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
We will walk you through our tried and tested onboarding process. This starts with a detailed discovery step, followed by a Prince2 planning & implementation stage, User Acceptance Testing ending with Handover To Support. Proof of concept or evaluation stages can be made available depending on the nature of the requirement.
Requirements Discovery
Sota will work with you to obtain a detailed understand of your requirements and provide a comprehensive proposal for the required solution.
Implementation planning
We assign an experienced dedicated Project Manager to review the requirements and map the design brief to a formal project plan. All Risk, Issues, Assumptions & Dependencies are logged and tracked throughout the delivery of the project.
As a minimum, weekly project progress meetings will be chaired by the PM with you, providing an update on progress and future deliverables.
Training
Any user training requirements will be identified as part of the Requirements Discovery stage. These can include How To documents, videos and both remote and onsite instructor lead training.
Proof of Concept & evaluation
We provide PoC and evaluations based on any 3rd party licence constraints. Set-up costs may apply depending on the scope of the PoC. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
-
All data is the property of the customer and we apply no restrictions on the extraction of such data. During the offboarding process we will actively support both the customer and new provider in the transfer of all data and configurations.
As a minimum, we allow for a month’s grace period for all live environments for the purpose of offboarding, allowing for post go-live issues to be easily resolved. Longer cutover periods can be provided at an agreed cost.
Offboarding support is provided free of charge. - End-of-contract process
-
We will assign and appropriate technical resource to act as a single point of contact for both the customer and new service provider.
They will ensure that the required project deliverables are fulfilled to ensure a successful transfer.
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
-
The SotaVoice platform provides a guarantee of resource availability specific to each individual client i.e. DDIs, SIP trunks, call recoding storage etc.
The underlying SotaVoice hardware is grouped into clusters. Each cluster is comprised of multiple physical hardware devices. This approach allows us to load balance within clusters as well as across clusters should the need arise.
The SotaVoice platform has been implemented on an N+1 basis allowing for overall platform resilience. - Usage notifications
- Yes
- Usage reporting
-
- Other
- Other usage reporting
-
Account Management reports provide a breakdown of resource utilisation of the provisioned services.
Should any usage limits be identified, these will be highlighted in the report and discussed with the customer during the Account Management meeting.
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- Disk
- Network
- Number of active instances
- Other
- Other metrics
- Itemised call billing
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Tenancy configuration
- Call recording
- Backup controls
-
Call recording retention period is agreed with the customer during the discovery stage.
The customer is unable to change any parameters. - Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- We guarantee 100% uptime on our private cloud for virtual hardware and network connectivity. Should we fail to deliver, customers may request a service credit from their account manager.
- Approach to resilience
- We have no single point of failure anywhere in our systems, from datacentre fibre connections through to firewalls, cabling and switching. Everything is at least doubled. We use resilient Dell SANs to provide the disks for our virtual servers, which is highly available and connected over a resilient fibre-optic network to our hypervisors. Our virtualisation technology is by VMware and support their Distributed Resource Scheduler system, which automatically moves guests to a new hypervisor seamlessly and without a break in service, should a host machine fail. We also have datacentre level DoS protection running to mitigate DoS attempts in real time.
- Outage reporting
- We will correspond by email with customers in the event of a serious incident.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- All accounts are dedicated to individual users, and username and password is a minimum requirement.
- Access restriction testing frequency
- Never
- Management access authentication
-
- 2-factor authentication
- Username or password
- Devices users manage the service through
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 12/10/2016
- What the ISO/IEC 27001 doesn’t cover
- All aspects of the business are in scope.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- IASME Cyber Assurance Level 2
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- We are ISO 27001 certified by the British Standards Institute. We have many checks and balances in place within our normal working processes in order to ensure policies are adhered to. Reporting to management occurs through monthly committee meetings, which are attended by the board of directors.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Every change goes through peer review, is requested in a ticket, checked for error and impact, as well as implications to wider security, before being accepted. Only senior staff may accept changes on a day to day basis.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We subscribe to all available security mailing lists for the software we use. We maintain a patching schedule which ensures every server is patched not less than every 3 weeks. In the event of a serious security flaw a security incident is raised, inline with our ISO 27001 policy, and is then used to track the mitigating steps. This is done as quickly as possible, outside of the standard 3 week patching cycle, and customer security contacts are kept informed of progress by their account manager via email.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- To be defined
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have an ISO 27001 certified incident management process which we follow in the event of an actual or possible threat to our service. Customers may report incidents to us either via their ticketing system, by email to their account manager or, if anonymity is required, via our website contact form. Reports can be provided on request in PDF form by email.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Hyper-V
- How shared infrastructure is kept separate
- If required, we can provide different subnets and even different hypervisor clusters for different customers. Total separation is possible if necessary.
Energy efficiency
- Energy-efficient datacentres
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Our datacentre is powered by 100% renewable energy. By using our services, customers do not have to replicate the same facilities and services and so reduce their carbon footprint in building, running and maintaining their own facilities.Tackling economic inequality
Our services allow start-up businesses to purchase a single Cloud instance. The business can then scale up resources as it grows. This negates the need for the business to invest in hardware infrastructure, reducing the need for fund seeding for the start-up.Equal opportunity
Our Cloud based services allow for people to work from any location. this approach supports people with mobility issues to function from home, so negating the need negotiate transport challenges to and from offices.Wellbeing
Cloud services enable people to work from any location other than a traditional office environment. This provides people with the flexibility to work in an environment of their choosing.
This enables people to perform their duties in a way that supports their needs, whether this is caring duties or dealing with mental health issues away from an office environment.
Pricing
- Price
- £6.50 a unit
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
-
Trials are normally for a maximum of 3 month.
Professional Services time is normally chargeable.