Cloud Work

Cloud-native telephony, Unified Comms platform, delivered over the Internet, consumed "as-a-Service"


  • Full-featured telephony to desk, PC, tablet and mobile phones
  • Audio & Video Conferencing, up to 999 & 500 participants
  • Call Recording on-demand and automatic on extensions / hunt groups
  • Unified Messaging Voicemail and fax to/from Email
  • Intuitive unified client accesses all features from one interface
  • Includes minimum 500 UK minutes /user /month pooled
  • Live & Historic Call reporting, QoS analytics of call quality
  • User friendly portal for user changes and administrator configurations
  • Carrier-grade security, scale, high availability with cloud-economics
  • Open software RESTful APIs offering 150+ integrations


  • Extends corporate environment to remote users and DR situations
  • Enterprise-scale meetings, collaboration on any device, any time
  • Ideal for on-going training, compliance, knowledge bases
  • Migration path from voicemail & fax machines to digitised storage
  • Easy to learn, easy to use, encourages user take-up
  • Unifies front-office and back-office communications needs
  • Helps control variable costs
  • Easy to access Management Information, system administration and fault isolation
  • Unlocks software workflow efficiencies, eliminating errors and enables faster innovation
  • Better service assurance than self-build or hosted alternatives


£9.25 to £18.50 per user per month

Service documents


G-Cloud 11

Service ID

1 6 8 9 0 7 0 8 9 8 4 3 5 2 9



Neil Harmes

0800 3288077

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Off the shelf integrations can be found at, including O365, G-Suite and Skype for Business.
Bespoke integrations are available through the API developer wizard.
Cloud deployment model
Private cloud
Service constraints
System requirements
  • Supports Windows, Chrome OS, iOS PCs and laptops
  • Supports iOS and Android mobile phones
  • Requires a client to be installed

User support

Email or online ticketing support
Email or online ticketing
Support response times
Depending on severity of the issue depends on speed of response.
S1 30 mins
S2 4 hours
S3 24 hours
S4 60 hours
User can manage status and priority of support tickets
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
On site deployment services, on-site training as part of the on-site professional services charge.
Support available to third parties

Onboarding and offboarding

Getting started
We provide live interactive training sessions as part of deployment: 3 hours for Administators and multiple 1 hour sessions for Users to enable multiple groups to attend. Sessions are delivered remotely, using the Video Meetings feature of the platform itself, and these sessions are then recorded and available for future review by new joiners or attendees who want to re-watch their sessions. We also offer on-site deployment as an option, so that on the day of go-live, we have people walking the floor to suport users in their new environment, provide ad-hoc training etc. This model has proven very successful at ensuring users transition smoothly, and that take up amongst users is rapid and high.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Most of the usage & configuration data held in the Admin Portal can be downloaded as management reports and emails or exported as a CSV file. Alternatively, if an integration is created to do so, data can also be extracted via the Cloud Work API to other 3rd party software. Call recordings can also be downloaded as MP3 files.
End-of-contract process
Prior to the end of the minimum term of service (contract term), you will be informed that the contract is coming to an end. You will have the option to renegotiate the contract to ensure business continuity on contract term end. If you choose to end the contract, the service will cease at the end of the minimum term of service.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
The mobile app and desktop/ laptop client are essentially the same unified client accessing the same features through the same user interface
Service interface
Description of service interface
System and User configuration is performed via the BT Cloud Work Admin Portal which is an intuitive web portal accessed via the Internet. Role-based permissions can be given by the SuperUser to enable devolved self-service rights, so that system and user parameters can be set without the traditional model need to log tickets via a helpdesk, avoiding the associated delay that that model requires.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
What users can and can't do using the API
BT Cloud Work is architected to be an open platform that can be integrated with 3rd party software. It offers a REST API and a developers portal with tools, SDKs and support environment. Many 3rd party vendors and existing customers have used the API and we have over 120 integrations which are testament to the viability of API integration into the platform. The functionality available has been wide, from core functionality like directory integration, calendar integration, click to dial, cloud-drive integration, call log integration into CRM etc., to more bespoke functionality that individual customers or specialised applications need.
API documentation
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Customisation available
Description of customisation
Customers may customise BT CW using the Open API to integrate into other open software. Operationally, BT CW offers an intuitive web-based Admin Portal where SuperUsers and Users can be given a variety of privileges to make configuration changes to the system and/or their own profile (e.g. where and how to route calls, music/messages on hold, assigning users into user/hunt groups, ordering new lines and users etc.). The principle is one of self-service rather than relying on support teams.


Independence of resources
A carrier-scale, cloud based network, operated to not exceed 25% capacity, when additional capacity is built. Being cloud-native, all the functionality is in the platform, distributed between multiple server clusters in multiple distributed data centres. The performance is dependent on the network connectivity from the platform to the end device, namely the WAN, LAN, WiFi or 4G networks. Should network performance be an issue during a call, calls use a rate adaptive OPUS codec monitoring call quality during a call and will dynamically adjust to a different encoding during a call if quality is threatened, optimising performance.


Service usage metrics
Metrics types
Cloud Work provides a host of usage metrics. The call log holds up to 100,000 call details per billing account, with details and analytics information of each call e.g. to/from, time/duration of call, call quality, device type, codec used, latency, jitter, packet loss, network type, network provider etc.. Cloud Work UC also inherently offers moderate call centre functionality, so live reporting is available for metrics such as agents available, calls answered/ missed/ queuing, average call duration/talk time, #calls in/outbound, service levels vs set thresholds etc per user or huntgroup etc.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra support
Organisation whose services are being resold

Staff security

Staff security clearance
Staff screening not performed
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Most of the usage & configuration data held in the Admin Portal can be downloaded as management reports and emails or exported as a CSV file. Alternatively, if an integration is created to do so, data could potentially be extracted via the Cloud Work API to other 3rd party software.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • Google Directory
  • Microsoft Active Directory

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.999% = < 5.3 mins downtime a year
Approach to resilience
The platform is architected to run with active-active server clusters within a DC, then servers are run as "pods" across geo-redundant DCs across Europe. Capacity is typically expanded once a 25% capacity is reached, which allows plenty of spare capacity for active-active failover if necessary for upgrades or failure recovery without impacting performance. Further inherent service resilience comes in the form of being able to automatically route calls to users via alternative endpoints such as soft clients, mobile phones, alternative hard phones (e.g. remote office, home-office etc) if some endpoints are not available.
Outage reporting
Service Levels are reported monthly for BT and will capture details of availability and any individual outages that affected customers. Any potential service interruptions such as planned engineering works may also be notified to customers although our multi-tenanted, multi-homed platform means that upgrades occur without service impact to users.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
Access restrictions in management interfaces and support channels
Access to the Admin Portal can either use TLS or integrated Single Sign On with applications eg G-Suite
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
RingCentral requires annual internal acknowledgement of information security policies. All customer data is destroyed within 30 days of account termination and all internal confidential material is shredded or put in locked shredding boxes when they are no longer needed or if the applicable defined retention period has expired. Internal policies and procedures ensure IT equipment and media is properly wiped and discarded.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
RingCentral’s network and application perimeter is protected with firewalls and session border controllers. Administrative access requires authenticating through a production VPN gateway, then authenticating to local infrastructure systems. Technology layers include intrusion detection systems, system logs, and fraud analytics. Operational processes include system and service-level monitoring, system hardening, change management, and regular vulnerability scans.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We do have dedicated Security staff responsible for vulnerability management and as part of the vulnerability management process, we perform vulnerability scans on a daily basis. Patching priority is based on vulnerability severity. Vulnerability scans run on a daily basis on our critical systems. Patches are applied based on severity level of the vulnerability. Penetration testing is performed once a year (at least). We perform code scans pre-deployment and post-deployment. Post-deployment scans are done for mobile and desktop apps.
Protective monitoring type
Protective monitoring approach
Incident management type
Incident management approach

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks


£9.25 to £18.50 per user per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑