GCI Talk is GCI’s Hosted Voice over IP solution, a carrier-grade Unified Communications proposition with a complete set of collaboration features utilising VoIP technology, providing all the benefits of a traditional telephone system with additional features such as call recording, video conferencing, screen sharing, mobile integration and multi-media analytics.
- Carrier grade enterprise hosted IP voice platform
- High availability Geo-redundant server infrastructure
- Powerful multi-media analytics tools
- Mobile integration and collaboration
- Real-time call reporting and statistics
- High end Unified Communications feature set
- On-line conferencing and video calling
- Fully scalable platform
- Call bundle packages available
- Range of IP handsets or desktop and mobile soft clients
- Mobile SIM packages available
- Global platform access via the Internet
- Full PSTN replacement and number porting
- International service and numbering options
£3.40 per person per month
- Free trial available
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
- Modern Slavery statement
GCI Network Solutions Ltd
0844 443 4433
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||Customer requires an Internet connection to access the service.|
|System requirements||Internet connectivity|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
P1 - Within 1 hour (24x7)
P2 - Within 2 hours (Operating Hours)
P3 - Within 3 hours (Operating Hours)
P4 - Within 4 hours (Operating Hours)
P5 - Within 8 hours (Operating Hours)
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Critical - System/Site/Service is completely unavailable. Critical business impact. Service desk engineers make critical cases a priority and respond within 1 hour.
High - System/Site/Service severely degraded for all Users. Workaround is possible or solution is able to run on back-up. Service desk engineers will respond within 2 hours.
Medium - System/Site/Service is degraded. A group of users are experiencing a degradation of service but are still able to work. Business critical work is not seriously impacted. Service desk engineers will respond within 3 hours.
Low - Low impact and urgency. Work-around is possible. No direct impact to business-critical work. Service desk engineers will respond within four hours.
Informational - General queries, advice and guidance related to the System/Site/Service. Service desk engineers will respond within 8 hours.
Included as standard at no extra cost.
|Support available to third parties||No|
Onboarding and offboarding
We offer introduction and on-boarding documentation best practice guides.
Further documentation exists for some services such as soft clients.
Training in the form of "train the trainers" or online consumption is available.
Customer design and technical workshops can be run to ensure that a full list of requirements can be obtained and taken into consideration.
High and low-level designs are formulated by the requirements with a particular emphasis on understanding the focus of the business.
User roll out. Floorwalkers and technical professional services can be made available to ensure that clients are rolled out in an efficient and timely manner.
|End-of-contract data extraction||Data can be extracted or made available for download in several different formats via a Service Desk request.|
|End-of-contract process||Should a customer ever decide to cancel their service, GCI will make reasonable efforts to ensure that any data and technology switch-over or deletion runs smoothly.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Mobile devices can be integrated directly using a SIM card, or via a Soft Client providing standard SIP soft-phone functionality.|
|Accessibility standards||None or don’t know|
|Description of accessibility||
Access to the service portal is via web browser.
A SIP handset or SIP soft client is required for voice services.
Internet connectivity is required to access the service.
|Description of customisation||
The following areas can be customised:
Hunt Groups, IVRs, VoiceMail, Outbound CLI, Identity, Inbound Call Routing, Follow Me, Inbound Call Processing, Reporting, Wall Boards.
These are all accessed through the web portal and ability to customse is dependent on user access rights.
|Independence of resources||
Self load balancing server cluster setup ensure that all customers receive the optimum resource required.
80% excess capacity available at all times to handle exceptional traffic demands.
|Service usage metrics||Yes|
The analytics option provides a range of reports including:
Wall Board View - Site-wide
Wall Board View - Group
Daily Automated Reports
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Other|
|Other data at rest protection approach||
Servers that contain data at rest have strict firewall and server based IP Table protection where data can only be accessed through SSH access from a limited range of IP addresses which are secure locations.
Both the firewalls and the servers have also brute force protection.
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Either by download as MP3 for items such a call recordings, or CSV for items such as CDRs.|
|Data export formats||
|Other data export formats||MP3|
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
|Other protection within supplier network||We run an internal MPLS network with firewalls to protect traffic.|
Availability and resilience
GCI does not offer any Service Level commitments in respect of the GCI Talk service. GCI will endeavour to provide the Service in accordance with the target stated below but shall not be liable to the Customer for failure to meet the stated target.
Measure: Application up-time
Measurement Period: Calendar Month
Service Availability Target: 99.99%
|Approach to resilience||
To achieve transparent operation of a high availability (HA) solution that provides a resilient and fault tolerant operation, the GCI Talk Service provides HA access through secure, resilient pairing of services in the core architecture, each having unique numerical IP addresses.
Further information is contained in the Service Description document.
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Username and password.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||URS|
|ISO/IEC 27001 accreditation date||1/2013|
|What the ISO/IEC 27001 doesn’t cover||Anything outside design, procurement, service transition and service delivery of full IT support, cloud security, compliance and network infrastructure solutions..|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Who accredited the PCI DSS certification||NCC Group|
|PCI DSS accreditation date||5/2018|
|What the PCI DSS doesn’t cover||Platforms that do not handle card holder data are not covered.|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||We have all policy relevant to ISO27001|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||GCI ensures all maintenance is approved and delivered in a controlled manner to minimise disruption. These changes can include but not limited to technical changes, optimisation activity, equipment or systems upgrades, delivery of orders or projects and testing, auditing, benchmarking or base-lining. GCI will use reasonable endeavours to ensure that the service is available 24 hours per day, 7 days a week, and 365/366 days per year. However, scheduled maintenance will be required at regular intervals. Scheduled maintenance is excluded from any service availability.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Monthly vulnerability scan with remediation in line with accepted best practice.
Third party companies are used to identify weakness in our cyber security, and apply patches within 2-3 days to resolve them. We also subscribe to several information channels that provides us updates on general security vulnerabilities.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
GCI monitors availability of systems and services including up-time via a dedicated NOC team and associated tools. Response times are subject to published SLAs.
We also analyse web and VoIP traffic on the platforms to identify unusual activities. We use this data to improve our security and breach prevention.
|Incident management type||Supplier-defined controls|
|Incident management approach||GCI follows recommended ISO27001 policies for incident management.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£3.40 per person per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||
We build a customer deployment that can be tested by the customer and users.
There is usually a limited trial period of one month.
Call charges are not included.