BTS Holdings plc

Cloud Call Logging Lite

Call reporting services for landlines and mobile devices. Supporting all types of telephony.


  • Customised reports delivered by email or Web Portal
  • Proactive reporting of potential fraud and faults


  • Provide reports to your requirements run by experts
  • Quickly access adhoc report information


£0.04 to £0.08 a device a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

1 7 7 8 4 9 9 3 1 4 3 1 1 4 3


BTS Holdings plc Jon Kendall
Telephone: 02084019000

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Directory solutions providing staff details
Cloud deployment model
Private cloud
Service constraints
Data needs to be accessed from customer network, as such requiring a VPN connection or similar
System requirements
Access to customer call data for processing

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times are within 4 hours, Monday to Friday 08:30-17:30
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Standard support is provided Mon-Fri 08:30 to 17:30. Custom support levels are available in addition to this at extra cost
Support available to third parties

Onboarding and offboarding

Getting started
BTS provide onsite training and consultancy where required as part of the service. Full documentation is also provided for the service.
Service documentation
Documentation formats
End-of-contract data extraction
Customers can request any final reports on their data prior to the end of the contract.
End-of-contract process
At the end of the contract all customer data is deleted from the Cloud

Using the service

Web browser interface
Application to install
Designed for use on mobile devices
Service interface
Customisation available


Independence of resources
BTS manage the data centre to ensure all clients have sufficient resources.


Service usage metrics
Metrics types
Monthly information:
Number of regular reports provided
Number of ad-hoc reports provided
Any period of data loss (interruption to data collection)
Reporting types
Regular reports


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Export of data is either completed via the Web Portal or by email request to the Service Team
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
If the Contractor fails to commence collection of call data, necessary for the provision of the Managed Service, by the agreed Commencement Date of Data Collection set out in the Service Level Agreement, or such revised date as may be agreed, and the Customer shall have suffered a loss, the Customer shall be entitled to receive a Credit to be offset against the Managed Service Charge for the immediately following period by way of liquidated damages.
This Credit shall be based on the aggregate sum payable for the Managed Service for the period covered by the Customer’s Purchase Order or the first 12 months of the Contract, whichever is shorter, and it shall be set at ½% of this figure for each full week between the Commencement Date or revised Commencement Date and the actual Commencement Date, but the amount of such Credit shall not in any case exceed 10% of this figure and such Credit shall be in full satisfaction of the Contractor's liability for the said failure. The Contractor and Customer agree that such sum is a genuine pre-estimate of the Customer’s loss arising from such delay.
Approach to resilience
Resiliency is generally defined as part of the contract and hardware and equipment provisioned accordingly to deliver the level of resilience the customer specifies.
Outage reporting
Customers are informed of any outages by email.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Users are created within the system and their information access is defined as part of this process
Access restriction testing frequency
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Less than 1 month

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Our Information Security Policy has been developed following the guidelines of ISO 27001 (formerly ISO 17799), 'Information Technology - Code of Practice for Information Security Management'.
Information security policies and processes
Our Information Security Policy has been developed following the guidelines of ISO 27001 (formerly ISO 17799), 'Information Technology - Code of Practice for Information Security Management'. All staff receive training on this policy which is monitored and reported against as part of our ISO 9001 accredited QMS.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
BTS uses a system of change management based on Prince 2 to document and review the risks of all changes including their security implications.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
All our services are reviewed for potential treats and weaknesses both during design and throughout operational life.

Where a potential threat is identified, patches are applied as soon as reasonably practical.

We monitor alerts from National Cyber Security Centre and receive notification from both Microsoft and Symantec.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Where necessary we monitor user activity and access to ensure users can be made accountable for their actions and to detect unauthorised activity and access that is either suspicious or is in violation of security policy requirements.
Incident management type
Supplier-defined controls
Incident management approach
All security incidents must be reported immediately to Line Manager and the Resources Director who will:
• Acknowledge receipt of incident report
• Place incident on BTS Issues List for review at Management Review Meeting
• Copy incident report to relevant 3rd Party organisations
• Conduct initial investigation of reported incident
• Review relevant security procedures to prevent recurrences
• Initiate any disciplinary procedures that may be required
• Report back to individual reporting the incident, Management Review Meeting and any other interested parties informing them of outcome of the investigations and any procedural changes that are to be implemented

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£0.04 to £0.08 a device a month
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.