GCI Network Solutions Ltd

GCI Talk

GCI Talk is GCI’s Hosted Voice over IP solution, a carrier-grade Unified Communications proposition with a complete set of collaboration features utilising VoIP technology, providing all the benefits of a traditional telephone system with additional features such as call recording, video conferencing, screen sharing, mobile integration and multi-media analytics.


  • Carrier grade enterprise hosted IP voice platform
  • High availability Geo-redundant server infrastructure
  • Powerful multi-media analytics tools
  • Mobile integration and collaboration
  • Real-time call reporting and statistics
  • High end Unified Communications feature set
  • On-line conferencing and video calling


  • Fully scalable platform
  • Call bundle packages available
  • Range of IP handsets or desktop and mobile soft clients
  • Mobile SIM packages available
  • Global platform access via the Internet
  • Full PSTN replacement and number porting
  • International service and numbering options


£3.40 per person per month

  • Free trial available

Service documents


G-Cloud 11

Service ID

2 9 2 1 0 2 2 9 5 0 8 0 0 8 9


GCI Network Solutions Ltd

Jane Hamilton

0844 443 4433


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Customer requires an Internet connection to access the service.
System requirements Internet connectivity

User support

User support
Email or online ticketing support Email or online ticketing
Support response times P1 - Within 1 hour (24x7)
P2 - Within 2 hours (Operating Hours)
P3 - Within 3 hours (Operating Hours)
P4 - Within 4 hours (Operating Hours)
P5 - Within 8 hours (Operating Hours)
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Critical - System/Site/Service is completely unavailable. Critical business impact. Service desk engineers make critical cases a priority and respond within 1 hour.
High - System/Site/Service severely degraded for all Users. Workaround is possible or solution is able to run on back-up. Service desk engineers will respond within 2 hours.
Medium - System/Site/Service is degraded. A group of users are experiencing a degradation of service but are still able to work. Business critical work is not seriously impacted. Service desk engineers will respond within 3 hours.
Low - Low impact and urgency. Work-around is possible. No direct impact to business-critical work. Service desk engineers will respond within four hours.
Informational - General queries, advice and guidance related to the System/Site/Service. Service desk engineers will respond within 8 hours.
Included as standard at no extra cost.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We offer introduction and on-boarding documentation best practice guides.
Further documentation exists for some services such as soft clients.
Training in the form of "train the trainers" or online consumption is available.
Customer design and technical workshops can be run to ensure that a full list of requirements can be obtained and taken into consideration.
High and low-level designs are formulated by the requirements with a particular emphasis on understanding the focus of the business.
User roll out. Floorwalkers and technical professional services can be made available to ensure that clients are rolled out in an efficient and timely manner.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Data can be extracted or made available for download in several different formats via a Service Desk request.
End-of-contract process Should a customer ever decide to cancel their service, GCI will make reasonable efforts to ensure that any data and technology switch-over or deletion runs smoothly.

Using the service

Using the service
Web browser interface Yes
Supported browsers Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile devices can be integrated directly using a SIM card, or via a Soft Client providing standard SIP soft-phone functionality.
Service interface Yes
Description of service interface The service interface is designed for administration of the service and for providing reporting, analytics and access to call recording where applicable.
Accessibility standards None or don’t know
Description of accessibility Access to the service portal is via web browser.
A SIP handset or SIP soft client is required for voice services.
Internet connectivity is required to access the service.
Accessibility testing None
Customisation available Yes
Description of customisation The following areas can be customised:
Hunt Groups, IVRs, VoiceMail, Outbound CLI, Identity, Inbound Call Routing, Follow Me, Inbound Call Processing, Reporting, Wall Boards.
These are all accessed through the web portal and ability to customse is dependent on user access rights.


Independence of resources Self load balancing server cluster setup ensure that all customers receive the optimum resource required.
80% excess capacity available at all times to handle exceptional traffic demands.


Service usage metrics Yes
Metrics types The analytics option provides a range of reports including:
Dashboard summary
Call Logs
System Alerts
Wall Board View - Site-wide
Wall Board View - Group
SMS Logs
Group Overview
Daily Automated Reports
Service Reports
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach Servers that contain data at rest have strict firewall and server based IP Table protection where data can only be accessed through SSH access from a limited range of IP addresses which are secure locations.
Both the firewalls and the servers have also brute force protection.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Either by download as MP3 for items such a call recordings, or CSV for items such as CDRs.
Data export formats
  • CSV
  • Other
Other data export formats MP3
Data import formats
  • CSV
  • Other
Other data import formats
  • WAV
  • MP3

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network We run an internal MPLS network with firewalls to protect traffic.

Availability and resilience

Availability and resilience
Guaranteed availability GCI does not offer any Service Level commitments in respect of the GCI Talk service. GCI will endeavour to provide the Service in accordance with the target stated below but shall not be liable to the Customer for failure to meet the stated target.
Measure: Application up-time
Measurement Period: Calendar Month
Service Availability Target: 99.99%
Approach to resilience To achieve transparent operation of a high availability (HA) solution that provides a resilient and fault tolerant operation, the GCI Talk Service provides HA access through secure, resilient pairing of services in the core architecture, each having unique numerical IP addresses.

Further information is contained in the Service Description document.
Outage reporting Email Alerts
Monitoring Alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Username and password.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 URS
ISO/IEC 27001 accreditation date 1/2013
What the ISO/IEC 27001 doesn’t cover Anything outside design, procurement, service transition and service delivery of full IT support, cloud security, compliance and network infrastructure solutions..
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification NCC Group
PCI DSS accreditation date 5/2018
What the PCI DSS doesn’t cover Platforms that do not handle card holder data are not covered.
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We have all policy relevant to ISO27001

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach GCI ensures all maintenance is approved and delivered in a controlled manner to minimise disruption. These changes can include but not limited to technical changes, optimisation activity, equipment or systems upgrades, delivery of orders or projects and testing, auditing, benchmarking or base-lining. GCI will use reasonable endeavours to ensure that the service is available 24 hours per day, 7 days a week, and 365/366 days per year. However, scheduled maintenance will be required at regular intervals. Scheduled maintenance is excluded from any service availability.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Monthly vulnerability scan with remediation in line with accepted best practice.

Third party companies are used to identify weakness in our cyber security, and apply patches within 2-3 days to resolve them. We also subscribe to several information channels that provides us updates on general security vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach GCI monitors availability of systems and services including up-time via a dedicated NOC team and associated tools. Response times are subject to published SLAs.

We also analyse web and VoIP traffic on the platforms to identify unusual activities. We use this data to improve our security and breach prevention.
Incident management type Supplier-defined controls
Incident management approach GCI follows recommended ISO27001 policies for incident management.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £3.40 per person per month
Discount for educational organisations No
Free trial available Yes
Description of free trial We build a customer deployment that can be tested by the customer and users.
There is usually a limited trial period of one month.
Call charges are not included.

Service documents

Return to top ↑