Daisy Corporate Services Trading Limited

Daisy Hosted UC

Daisy Hosted UC allows customers to deploy their Mitel UC service platform onto a fully monitored and managed infrastructure with minimal upfront capital investment or in house skill. The platform is highly scalable and cost effective and replaces the need for customer site PBX equipment.


  • Fully managed Enterprise grade infrastructure to support Mitel UC services
  • Full dual data centre supported with 99.998% availability
  • Rapid scalable deployment to meet changing customer requirements
  • Fully proactively managed with 24/7 support
  • Highly resilient WAN connections for customer connectivity
  • Dual NNI’s with a number of key WAN providers
  • Connectivity in place with Gamma for SIP integration
  • Seamless failure of services between data centres


  • Fully managed voice grade infrastructure
  • Commercially advantageous with Opex model for infrastructure only
  • Reduces customer IT team requirements
  • Allows simple migration from on-premises to hosted UC
  • Highly scalable and flexible infrastructure
  • Simple WAN integration at customer locations


£83.18 to £750.38 a unit a month

  • Education pricing available

Service documents


G-Cloud 12

Service ID

2 5 3 9 5 4 9 9 1 0 2 6 9 8 2


Daisy Corporate Services Trading Limited Andy Riley
Telephone: 07540 203 303
Email: publictenders@daisygroup.com

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
Appropriate connectivity from customer site into our Data Centres must be in place. SIP services must be in place which will mean signing an additional order
System requirements
Hosted UC is currently built to support Mitel applications only

User support

Email or online ticketing support
Email or online ticketing
Support response times
15 mins for priority 1 incidents and 24 hours for service requests
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
There are two levels of support available to suit different customer needs : Premium (24/7) and Standard (8-6). In certain scenarios an engineer maybe allocated to a customer account. Our hosted solutions are supported by Tier 3 engineers.
Support available to third parties

Onboarding and offboarding

Getting started
There is no training required for the service. The HostedUC services are built and deployed by Daisy on the customers behalf onto the platform in line with the customer design requirements captured in the Solutions Document. Training is available for the Mitel solution which will sit on the platform, if required.
Service documentation
End-of-contract data extraction
Configuration data can be exported on request by the support team. Analytics and CCM data can be downloaded in the format of a report.
End-of-contract process
A Customer may choose to “off-board” their systems to stop taking Services from Daisy. The Customer must submit a formal request into their account manager (directly or via the Service desk), who will assist in arranging any required off-boarding services and the deletion of Customer data. Once the required works are agreed and the Customer has exported their data, Daisy will shut down and destroy any remaining Virtual Machines. Fees will apply for off-boarding technical work and process management.

Using the service

Web browser interface
Application to install
Compatible operating systems
Designed for use on mobile devices
Differences between the mobile and desktop service
Client needs to be installed on mobile phone.
Service interface
Description of service interface
Web-Based Management: An administrator can administer a multi-platform MiVoice Business solution from their web browser as if it was a single platform solution. System changes are automatically synchronized across the solution, and management control and tasks can be delegated across the organization, rather than relying on a centralized point.
Accessibility standards
None or don’t know
Description of accessibility
Configuration Management Access: A System Administrator Policy controls access to forms in the System Administration Tool. When you create a policy, you set permissions that grant Read or Read/Write access to forms. You can also deny access to forms, which hides them from the user. Giving different users tailored access rights to the telephone system from changing names to adding users to hunt groups, pick up groups or just adjusting the call forwarding requirements.
Accessibility testing
Customisation available


Independence of resources
Capacity management, cpu and memory management, segregated networking devices


Service usage metrics


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Configuration data can be exported on request by the support team. Analytics and CCM data can be downloaded in the format of a report.
Data export formats
Other data export formats
Same format they were uploaded
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
Each customer, or service is within it's own context and so data between networks requires a physical exit point via a layer3 device, i.e. router when controls are not required, i.e. customer WAN to VoIP services, or via firewall when control and policy is required
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
We operate a MPLS core with each network and customer existing in a dedicated routing instance which keeps traffic separated at layer2 and layer3 protocols.There is no inherit encryption on the network layers so if end to end encryption is required then IPSEC AES256 etc is used.

Availability and resilience

Guaranteed availability
Service Availability is 99.80% for single DC solutions and 99.99% for dual DC solutions
Approach to resilience
Physical host and core network resilience are included as standard and application resiliency is optional. Physical Host: In the event of a disaster situation impacting the physical host that the Virtual Machine is sitting on, Daisy will automatically move the Virtual Machine across to a new host. This may cause interruption to service and may require a reboot of the virtual machine to restore full service. Core Network: Daisy's core network has resilient connectivity to our WAN providers over diverse interconnects which are located in different data centre's. They are set up using eBGP sessions to ensure an automatic failover should a disaster occur. Applications : Application resiliency can be achieved by configuring a second instance of the application in the secondary data center. This purchasable option is currently available for the MiVoice for Business, MBG SIP, MBG Teleworker, MBG SRC and MiCC IVR applications. In a disaster recovery situation if the applications suffer a loss of connectivity they will automatically failover to the second instance. In some scenario's manual intervention maybe required by Daisy to initiate the failover.
Outage reporting
We have monitoring tools in place to monitor the underlying infrastructure. The alerts are sent into the ECB (Event Correlation Bus) and this then enriches and adds context to the alerts and routes them into our ITSM tool. The ITSM tool then automatically generates a ticket and when a ticket is opened this automatically notifies the customer through email. Further options are available where the ECB tool can also alert the customer via email or SMS directly.

Identity and authentication

User authentication needed
User authentication
Other user authentication
Customers do not have access to the underlying infrastructure. All access is through the Mitel applications
Access restrictions in management interfaces and support channels
No access available other than through Mitel applications
Access restriction testing frequency
Management access authentication
Description of management access authentication
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
13/09/2013 original certification
What the ISO/IEC 27001 doesn’t cover
Scope is all Daisy sites and services requiring security certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Through the establishment of a comprehensive security framework, Daisy shall demonstrate a commitment to protect all assets that support the delivery of business objectives and address all legal, regulatory and contractual obligations. The following ISO27001 Group clause & objectives are referenced within this document: Clause 5, & Control objectives: A6, A9, A11, A13.2, and A14 Data Protection Policy Site Security Policy CCTV Policy

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We follow an ITIL - based formal change request process. Customers can raise MAC's using either over the telephone or through the portal. Once raised, these requests are scheduled, managed and executed. We have dedicated change engineers that perform changes where no Project Management or Professional Services are required. If PM or PS is required then this is managed through the appropriate team.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability scanning is included in the Daisy security framework, to help monitor the effectiveness of existing security controls and identify any weaknesses. The IT security Manager in consultation with Head of Compliance shall coordinate vulnerability scanning activities including: • identifying the scope of testing • monitor manufacturer and vendor sites for information updates regarding vulnerabilities Should the vulnerabilities be assessed as not posing an immediate threat to operations, security patches or code fixes shall be subject to change control requirements ( testing etc.) prior to deployment. Daisy support record activities in a service management ticket for tracking and audit purposes
Protective monitoring type
Protective monitoring approach
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Knowledge based articles and FAQ's are created for support teams for common incidents. This ensures incidents are dealt with as quickly and as efficently as possible. Incidents can be logged via the Portal, email and telephone. Incident reports are generated by Service Management Team. Customer wil have access to incidents via a user portal which will show resolution. Our portal also provides a standard set of reports which customers can use to look at incidents raised.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks


£83.18 to £750.38 a unit a month
Discount for educational organisations
Free trial available

Service documents