Nexus Open Systems Ltd

Nexus Phone System

Phone System from Nexus enables you to make, receive, and transfer calls to and from phones, mobile phones, tablets, and PCs, from nearly anywhere that has Internet access. With Phone System, you don't need a separate telephony platform because users get all the calling features they need.

Features

  • Cloud based Private Branch Exchange (PBX)
  • Telephone call and dial plan management
  • Inbound and outbound call routing
  • Instant messaging, presence and meetings
  • Audio, HD video calling to Skype for Business users
  • Skype connectivity (presence, IM, audio and HD video calling)
  • Scalable on demand to suit the organisations needs
  • Automatic patching and rapid upgrade to new features
  • Hybrid deployment with on-premise PBX co-existence
  • Integration with call centre technologies

Benefits

  • Save money by moving your telephony to a cloud model
  • Reduce cost and complexity with one solution
  • Eliminates the need for separate PBX or telephony systems
  • Business-class support, guaranteed 99.9% uptime
  • PAYG pricing options, providing predictability and flexibility for organisations
  • Security and Manageability product for global scalability and reliability
  • Familiar look, easy to use, single place for meetings
  • Present, share, and take notes together in real time
  • Communications are protected by strong authentication and encryption
  • For new offices, remove the need for new hardware purchases

Pricing

£6.03 per user per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

467572113081776

Nexus Open Systems Ltd

Chris Goodwill

01392 205095

sales@nexusos.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Microsoft provide planned maintenance notifications which will inform customers about service infrastructure work that might affect some Cloud Services. The scheduling of this maintenance can be viewed online.
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Business Hours: 08:00 to 18:00, Monday to Friday, excluding bank holidays in England and Wales - Critical Issues (30 minutes); Major Incidents (2 hours); Moderate Incident (4 hours); Minor Incident (8 hours). Optional Outside Business Hours Service: 18:00 and 08:00, Monday to Friday, 24-hour period coverage during Saturday and Sunday including bank holidays (Excluding Christmas Day) in England and Wales. Remote and Telephone support for critical issues only with a response time of 30 minutes, any Onsite support would incur additional fees.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AAA
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Support Levels: Basic - Service Desk Facility; Incident & Problem Management; Dedicated Account Management; Third Party Liaison; Escalation Procedure; Remote Support; Access to Customer Portal. Standard - Service Desk Facility; Incident & Problem Management; Dedicated Account Management; Third Party Liaison; Escalation Procedure; Remote Support; Access to Customer Portal; Service Level Agreement; Remote Monitoring & Alerting. Advanced - Service Desk Facility; Incident & Problem Management; Dedicated Account Management; Third Party Liaison; Escalation Procedure; Remote Support; Access to Customer Portal; Service Level Agreement; Remote Monitoring & Alerting; Annual IT Strategy; Monthly Remote Health Checks; Proactive Monitoring & Alerting; On-site Support. Support cost: Pricing is dependant on customers infrastructure and environment A dedicated Technical Account Manager is assigned to each customer and our Service Desk team includes Cloud Support Engineers.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We follow a defined process for on-boarding new clients to ensure that they have the assurance of our help, whilst at the same time remain in control of the cloud services which are often at the core of their business. Through the on-boarding process Nexus will complete a detailed assessment of: • Client’s strategic vision • Organisational culture • Current and future objectives • Desire business outcomes • Potential improvements to existing business processes • Project and programme delivery resources • Current governance and programmes. We can provide onsite training to our clients as well as instruction at our own training centre. User documentation is provided by way of client portal guide
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction You own your data and retain all rights, title, and interest in the data you store with Phone System.
You can download a copy of all of your data at any time and for any reason, without any assistance from Microsoft.
Exchange Online data, including emails, calendar appointments, contacts, and tasks, can be downloaded to a local computer by any end user at any time via the Import and Export wizards.
SharePoint Online documents can be downloaded at any time from the workspace into your local computer.
Vanity domain names such as contoso.com can be removed by following the Domain Removal instructions in Office 365 Help.
To download a copy of end-user metadata (such as email address, first and last name, and other data), you can use PowerShell cmdletscommand let, including the Get-MsolUser Windows PowerShell cmdletcommand let for Office 365. If you use Exchange Online, you can also use the Get-MailUser and Get-User Exchange PowerShell commands.
Upon expiration or termination of your Phone System subscription or contract, Microsoft will provide you, by default, additional limited access for 90 days to export your data.
End-of-contract process There are no additional costs at the end of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Different mobile devices work with Skype for Business in different ways, Microsoft provide detailed information online regarding compatibility and functionality.
Accessibility standards WCAG 2.0 AAA
Accessibility testing Phone System is constantly updated with accessible features. Phone System makes it easier for people with limited vision, hearing, speech, mobility, and learning abilities to create, communicate and collaborate on content. We enhance the usability of our experiences with assistive technologies, ease of access settings, and alternative input devices on an ongoing basis, based on insights from research studies and customer feedback. We also offer built-in settings to enhance your reading and writing experiences.
API Yes
What users can and can't do using the API The new Skype Developer Platform provides opportunities to customize and extend the capabilities not only with Phone System but also through Skype. Full details regarding the Skype Developer Platform and the APIs compatible with Phone System can be found online
API documentation Yes
API documentation formats HTML
API sandbox or test environment No
Customisation available No

Scaling

Scaling
Independence of resources Phone System as part of Office 365 is built on Azure which is a multi-tenant service, meaning that multiple customers’ deployments and virtual machines are stored on the same physical hardware. Azure, provides geographically dispersed regions around the world. These platforms also provide capabilities that support availability and a variety of disaster recovery scenarios. Azure has resiliency and disaster recovery built in to many of its services.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold Microsoft

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach You own your data and retain all rights, title, and interest in the data you store with Office 365 including through Phone System.
You can download a copy of all of your data at any time and for any reason, without any assistance from Microsoft.
Exchange Online data, including emails, calendar appointments, contacts, and tasks, can be downloaded to a local computer by any end user at any time via the Import and Export wizards.
SharePoint Online documents can be downloaded at any time from the workspace into your local computer.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability This service is underpinned by a Microsoft Service Level Agreement (SLA) which describes Microsoft’s commitments for up time and connectivity. For this service, availability of at least 99.95% is guaranteed. The following monthly up time limits attract the indicated service credits. <99.95% (10%); <99% (25%); <95% (100%).
Approach to resilience Available on request
Outage reporting A public dashboard shows the status of the service. Email alerts are available from the Office 365 Service Health Dashboard RSS Feed.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Nexus manage access to management interfaces and support channels through the use of Named Contacts. Those users who require access to management interfaces and support channels such as the client portal must apply for access through their organisation to the Nexus Service Desk. These user applications are then reviewed and approved or rejected with the individual recorded as a Named Contact for the particular service and appropriate credentials provided.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Standards Institute
ISO/IEC 27001 accreditation date 15/10/2016
What the ISO/IEC 27001 doesn’t cover In addition to having the BSI verify the compliance of Office 365 and Dynamics 365 with ISO/IEC 27001, we have asked the BSI to review more than 20 additional privacy controls that we built into the services to better align it with comprehensive European data protection regulations. We have taken this unique approach to help our European customers understand the protections we have put in place to help them satisfy the specific expectations of both European citizens and European regulators. M any customers consider EU privacy regulations to be the strictest in the world, so our work to align our controls with EU privacy regulations helps all customers that value data protection and privacy.Our ISO 27001 certifications and audits by the BSI thus enable all our customers to evaluate how Microsoft meets or exceeds the standards and implementation guidance against which we are certified. The full results of BSI’s findings are included in its ISO/IEC 27001 audit reports on Office 365 and Dynamics 365, summaries of which are available to Office 365 and Dynamics 365 customers upon request.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes Nexus hold and maintain an Information Security Policy. We have an Information Security Office (ISO) who is responsible for the development, management and enforcement of the policy across our organisation.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Nexus have a configuration management process for tracking changes in the specification of our services and products, this is managed centrally. Nexus also implement a full change management process for assessing and if appropriate executing any changes to services and products.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach One key operational best practice that Microsoft uses to harden its cloud services is known as the “assume breach” strategy. A dedicated “red team” of software security experts simulates real-world attacks at the network, platform, and application layers, testing Office 365's ability to detect, protect against, and recover from breaches. By constantly challenging the security capabilities of the service, Microsoft can stay ahead of emerging threats.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Microsoft security researchers are constantly on the lookout for threats. They have access to an expansive set of telemetry gained from Microsoft’s global presence in the cloud and on-premises. This wide-reaching and diverse collection of datasets enables Microsoft to discover new attack patterns and trends across its on-premises consumer and enterprise products, as well as its online services. As a result, Security Center can rapidly update its detection algorithms as attackers release new and increasingly sophisticated exploits. In the event that customer data is compromised, Microsoft will notify its customers.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach All Incident tickets will be recorded in the Nexus Service Desk system under the Incident Management workflow. All new Incident tickets will undergo an initial impact assessment. Nexus will further look to determine the number of users/systems affected and establish the commercial impact to the customer’s environment. We have a knowledge base to be able to check for common events. Users can report incidents by phone, email or through their client portal. Incidents are included in any appropriate service monthly ticket summary reports.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £6.03 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full featured trial, valid for 30 days

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑