SMS: Not-for-Profit (Charity) messaging platform

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Any platform offering an API
Cloud deployment model: Private cloud
Service constraints: None
System requirements: No requirements needed, nothing to install client side

User support

Email or online ticketing support: Email or online ticketing
Support response times: Target response 1 hour
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: No
Support levels: Support level 1:
Mon-Fri 9-5pm (excl holidays)

Support level 2:
24 hour support 5 days per
Week (excl holidays)

Support level 3:
24 hour support 7 days per
Week (inc. holidays)
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Online training.
Onsite Training
Documentation.
Online walk through.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: We can remove data or the client can remove all data.
End-of-contract process: -Shut down the operational system
-Eliminate the SMS routing infrastructure associated with your system
-Delete all computer files
-Physically remove hard disc drives from your system and have these destroyed
-Physically remove the memory from your system and destroy
-Destroy all files and records

The shutdown is chargeable based on the size of your infrastructure with us.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Cut down version available via mobile.
Service interface: No
User support accessibility: None or don’t know
API: Yes
What users can and can't do using the API: Many clients use our service via API link.
API documentation: Yes
API documentation formats: HTML

PDF

Other
API sandbox or test environment: No
Customisation available: Yes
Description of customisation: Interface can be customised.

Scaling

Independence of resources: Private system and SMS routes.

Analytics

Service usage metrics: Yes
Metrics types: Full reporting and analytics directly available.
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: No
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: In-house
Protecting data at rest: Physical access control, complying with another standard

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: In-house destruction process

Data importing and exporting

Data export approach: Excel/ CSV
FTP
Copy/Paste
Data export formats: CSV
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

Legacy SSL and TLS (under version 1.2)
Data protection within supplier network: TLS (version 1.2 or above)

Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability: P1 - Urgent = Major service loss. Target initial response time 2 normal business hours, Target resolution time 6 normal business hours

P2 - High = Major service affecting. Target initial response time 4 normal business hours. Target resolution time 2 normal business days after initial response.

P3 - Medium = Minor service affecting. Target initial response time 24 normal business hours. Target resolution time 7 normal business days after initial response.

P4 - Low = Not service affecting. Target initial response time 24 normal business hours. Target resolution time next software release
Approach to resilience: We adopt a full ‘hot standby’ mirrored infrastructure at a secondary location. In the unlikely event of a total site failure situation, the system automatically switches to the secondary site; users will have no interruption to services.

Real-time backups are performed on all of our systems and databases. Our secondary site is a mirrored hot standby clone of the primary – each site has its own backup running.

In a total site failure event we have the ability to recover data right up to the point of failure automatically. Additionally we run heartbeat software between the two sites, which constantly monitor the health of the other. Should there be a P1 issue an automated failover is triggered.
Outage reporting: Email alerts.
SMS Alerts.
API.
User Dashboard.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)

Username or password
Access restrictions in management interfaces and support channels: Passkeys
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: Yes
Any other security certifications: ISO27001

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: We adhere to requirements under levels - BIL0, BIL1, and BIL2

IL2 (Protect) is the minimum security level which all our services operate at this implemented across the organisation.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: We adhere to requirements under levels - BIL0, BIL1, and BIL2

IL2 (Protect) is the minimum security level which all our services operate at this implemented across the organisation.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: We follow all governmental standards and recommendations.
Patches are applied and tested real-time.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: We respond to incidents or potential incidents immediately.
Incident management type: Supplier-defined controls
Incident management approach: Mobisoft Corporation adopts an Information Security Management System (ISMS) that complies with the ISO 27001:2005 standard.

To ensure business continuity and minimise disruption to business functions by preventing and minimising the impact of security incidents.

Our Information Security Policy demonstrates the direction and commitment of Mobisoft to information security, both in order to protect its own information assets and more importantly, those provided to us by partner organisations/third parties.
We maintain an effective documented ISMS based on the requirements of ISO IEC 27001:2005, to ensure that we have a documented method of control that protects Mobisoft, its customers and stakeholders.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: No

Equal opportunity: Equal opportunity

Mobisoft Corporation is committed to promoting equality of opportunity and good race relations and avoiding racial discrimination.
The Race Relations (Amendment) Act 2000 has placed a general duty to have due regard to the need to eliminate unlawful racial discrimination, promote equality of opportunity and promote good relations between people of different racial groups.
This policy has been developed with regard to the Code of Practice issued by the Commission for Racial Equality.
Mobisoft Corporation will ensure that in the conduct of all their activities, steps are taken to avoid the occurrence of racial discrimination, whether direct or indirect, and to promote good relations between different racial groups. Any unlawful discriminatory behavior, including harassment or bullying by individuals or groups, will be regarded extremely seriously and could be regarded as grounds for disciplinary action.
This will include staff and in particular those from different racial groups,

Guidance, support and training will be provided to members of staff to ensure that the company’s commitment to race equality is fully realised.
Mobisoft Corporation has in place arrangements to monitor the selection and recruitment of members of staff. The results of this monitoring process are collated.
Mobisoft Corporation is responsible for securing compliance with the general and specific duties and for overseeing implementation of the Action Plan. Those with managerial responsibilities have a duty to take forward specific actions under this policy as identified in the action plan in addition to the general duties under the Act.
Review. The Race Equality Policy will be reviewed annually to assess its effectiveness.

Pricing

Price: £0.02 a unit
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: System and support is included

SMS: Not-for-Profit (Charity) messaging platform

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

SMS: Not-for-Profit (Charity) messaging platform

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents