CW Squared Ltd

Voice for Microsoft Teams

Leverage your investment in Microsoft Teams to bring enterprise-grade network and resilience to your business voice communications, whilst enjoying significant cost savings compared to Microsoft calling plans and allowing you to extend the value of your existing 365 licence fees.

Features

  • Integrates telephony natively with Microsoft Teams
  • Deployed in the cloud
  • Integrates with business applications such as CRM
  • Removes key obstacles associated with 3rd party communications solutions
  • Direct Routing integration with no bots or plugins
  • Comprehensive analytics with full insight into calling quality and performance
  • Global PSTN connectivity: free calls in up to 38 countries
  • Number porting: keep the same geographical number wherever you are

Benefits

  • Never miss a call: tailored enterprise-grade business continuity
  • No on-premise SBC equipment or expertise required
  • Fully managed service with a single dedicated contact
  • Significant cost savings compared to Microsoft's limited calling plans
  • Online access to business insights such as call handling efficiencies
  • AI-powered reporting and analytics via Power BI
  • Robust quality of service and service level agreements
  • Fully managed service with a single dedicated contact
  • High availability and 24/7 helpdesk
  • Enhanced user experience without leaving the familiar Teams interface

Pricing

£4 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public.sector@cw-squared.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

3 2 2 0 8 5 2 2 7 9 6 6 9 0 8

Contact

CW Squared Ltd Public Sector team
Telephone: 020 7167 4349
Email: public.sector@cw-squared.co.uk

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Microsoft Teams E1-E5
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • Microsoft O365 E1-E4 licence + Microsoft Phone System licence
  • Microsoft O356 E5 licence (Microsoft Phone System licence included)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Service level targets - Feedback Timescales
Severity Level - Response Time
P1 (Critical) - 30 Minutes (max)
P2 (High) - 60 Minutes
P3 (Non-critical) - 4 Hours

Service level targets - Resolution Timescales
Severity Level - Response Time
P1 (Critical) - ASAP
P2 (High) - One Day
P3 (Non-critical) - Five Days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We have assessed our web chat against GDS standards via a dedicated accessibility testing report.
Onsite support
Yes, at extra cost
Support levels
We have a single level of support provided to all clients. All support fees are included within the monthly license fees. All clients are assigned a technical services engineer to manage their project through to successful deployment. Post deployment, we have four tiers of support that will assist with all questions or queries. The Technical services team will assist with any major changes to business processes and deployment/training of new features.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
All solutions are deployed by our fully trained technical services engineers (TSE) who will manage the deployment project from start to finish. The TSE will provide onsite and / or remote training supported by documentation and knowledge base articles held on the support desk portal.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The solution has simple data download processes built into the interface. Therefore, a user with sufficient admin permissions will be able to extract the client data when the contract ends. If necessary, the support team can upload the requested data to a secure FTP service chosen by the buyer.
End-of-contract process
At the end of the contract the buyer's recordings and data can be uploaded to a secure FTP site of the buyers choosing.
Once the buyer has confirmed receipt the buyer's system will be securely purged of all software and associated data.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
Yes
Description of service interface
Browser based console to allow user management, config, etc.
Accessibility standards
None or don’t know
Description of accessibility
Configuration is available to users via a browser interface, which can use assistive technologies
Accessibility testing
None - the interface is configuration only
API
Yes
What users can and can't do using the API
REST APIs
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Configuration is available to end users and supervisors

Scaling

Independence of resources
Solution is highly scalable and hosted by a combination of Amazon Web Services UK and Oracle Cloud. Highly available and scalable connectivity is provided by Aryaka SD-WAN

Analytics

Service usage metrics
Yes
Metrics types
Monthly summary call statistics and spending is sent via email to nominated users. CDR extracts can be emailed or uploaded daily to secure FTP if required.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
8x8, Intrado

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Other
Other data at rest protection approach
All hosting is cloud based. All virtual disks will be specified as encrypted. The cloud provider will implement physical access control.
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data exports can be done manually through the service interface by users with sufficient security privileges. The exported data will be provided in comma delimited csv format. Any call recordings will be provided in mp3 format.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
Data can be uploaded via the OpenAPI

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.95% availability target with service credits.
Approach to resilience
Multiple SIP trunks and PSTN carriers so that the service is not dependent upon a single carrier. Hosting in cloud data centres (AWS and Oracle cloud) with failover.
Outage reporting
Any outages are reported via email alerts, plus a public dashboard

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Access can be locked down to specific IP ranges and requires username/password over TLS. Standard Microsoft role-based access controls.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • CyberEssentials
  • Our suppliers hold ISO27001 and PCI certifications

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our solutions provide an ISO 27001 information security management system (ISMS) providing a management framework of policies and procedures that will keep your information secure, whatever the format.
ISO 27001 certification demonstrates that we have identified the risks, assessed the implications and put in place systemised controls to limit any damage to ourselves as an organisation and any of our customers.
We take internal and customer data security as paramount when we implement and manage systems.
Monthly audits take place to ensure ISO 27001 compliance with all results reported to the senior management team.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Each change is initiated as a Request – better known as a "Request for Change (RFC)”. This request will also serve as a record and as evidence that a particular change has been requested. The change can be initiated internally or externally, and will be registered in a specific form on the support portal.
The RFC is received by a person who is responsible for analysing it, so this person is the first filter. This person is responsible for studying the details of the request and identifying the potential impact to the business, including economic and information security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We use OWASP, Open Web Application Security Project, tools to perform vulnerability testing. The OWASP method is based on the black box approach. The tester knows nothing or has very little information about the application to be tested. Once a potential threat is identified it is sent through the RFC process to ensure we follow our processes and anything that has a business critical impact is addresses as a top priority.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use OWASP, Open Web Application Security Project, tools to perform vulnerability testing. The OWASP method is based on the black box approach. The tester knows nothing or has very little information about the application to be tested. Once a potential threat is identified it is sent through the RFC process to ensure we follow our processes and anything that has a business critical impact is addresses as a top priority.
Incident management type
Supplier-defined controls
Incident management approach
All incidents are logged and tracked through our online helpdesk portal. Any new incidents reported via email/phone/chat will be logged as a new ticket with all relevant information. All updates are provided via email through the helpdesk and phone calls where necessary. Each ticket is handled by the 1st line team and escalated to other teams as required.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Public Services Network (PSN)

Pricing

Price
£4 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public.sector@cw-squared.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.