Arrow Cloud Telephony and Unified Communications Solution
A secure cloud based telephony service utilising Mitel PBX software and handsets. Customers can add Contact Centre functionality, Compliant call recording, Call Analytics, Remote workers, mobile and soft clients and collaboration tools. The service is managed, monitored around the clock and customers are provided with a self service administration portal.
- Mitel PBX control software configured live across two data centres
- Cloud based Contact Centre Service routing voice and Multi Media
- FCA Compliant secure and resilient call recording software.
- Call analytics reporting service with live wallboard display capability
- Secure web based portal for self service administration
- Application for deployment on Smartphone device
- Support for handset to be deployed at a remote location.
- All standard executive PBX calling features
- Desktop 'MiCollab' client for PC and MAC.
- Best of Breed Mitel Handsets
- Best in class PBX functionality with excellent business continuity
- Helps allocate correct resources to maintain service levels.
- Monitor call quality, to improve levels of customer service.
- Provides visibility of call response times to aid customer service.
- Changes can be made without external resource or cost.
- Receive calls on mobile and landline device simultaneously.
- Allows home workers to communicate more effectively.
- Immediate notification and retrieval of voicemail when away from office.
- Use collaboration tools for effective home-working
- Control call routing and view call history from your desktop.
£8.95 per user per month
6 2 9 8 9 1 5 2 4 5 3 9 6 8 3
Arrow Business Communications Limited
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||A suitable private or public internet connection is required. Alternatively Arrow can provide dedicated voice connectivity.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Our standard response time is four working hours Monday-Friday 9-5.30pm. We can supply bespoke SLA agreements.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||There is a web-chat icon on each page of the support section in our web-site. Zendesk supports or partially supports WCAG 2.0 guidelines.|
|Web chat accessibility testing||None completed to date|
|Onsite support||Onsite support|
|Support levels||We provide two levels of support, Standard and Premium: Standard business hours are 9-5.30pm, Monday-Friday. Standard support guarantees a response within 4 working hours to a fault properly reported to Arrow’s support team. The contract also includes 1 dial in per calendar month for any non-fault related moves, adds and changes with a maximum time of 15 minutes. Outside these parameters moves and changes will become chargeable as follows; Remote dial in, £50 for up to 15 minutes or £90 per hour. Onsite call outs, £95 for the first 30 minutes and £27 for every 15 minutes thereafter. Premium support provides a maintenance service 24/7/365. The maximum response time for a Standard Fault will be 8 operational hours and the maximum response time to a System Crash will be 4 operational hours. The contract includes up to 10 dials-in per month with a maximum total time limit of 2 hours. Outside these parameters moves and changes will become chargeable as follows; Remote dial in, £50 for up to 15 minutes or £90 per hour. Onsite call outs, £95 for the first 30 minutes and £27 for every 15 minutes thereafter. Premium support is an additional £5.00 per user.|
|Support available to third parties||Yes|
Onboarding and offboarding
An Account Manager and pre-sales consultant will work with you to identify the correct service specification and configuration. If required we will attend site to conduct site surveys, demonstrations and audits. Once our proposal has been accepted and our Cloud Telephony service contract signed, the project is added to our internal task system. Each new customer project is allocated to a Prince 2 qualified Project Manager who assumes overall responsibility for the project. The Project Manager will communicate with the customer by phone, e-mail, video or in person. A Project Initiation Document is issued once we have gathered all required information. A meeting to discuss all aspects of the phone service configuration is held with
the customer. The service configuration agreement is written up and issued to the customer. The Project Manager will liaise with the Cloud IP Engineering team to
manage the necessary technical resources. The PM will also manage the process of porting numbers in to the Arrow network. The assigned Cloud IP Engineer will configure the service and attend
site to carry out the deployment. Where the customer specifies on-site training, a qualified trainer will attend site to provide the necessary instruction.
|End-of-contract data extraction||The customer can extract all historical billing and call recording information held bia the relevant service portals|
|End-of-contract process||Arrow’s standard cancellation terms are 90 days following the expiry of the initial term. Once a termination request has been received and contractual terms agreed Arrow will work with the customer to ensure a smooth transition from our side. If a customer wishes to retain their telephone numbers hosted by Arrow they can be ported away in line with industry regulations and Arrow will make available necessary information so as not to hinder this process. We will also agree timescales for any additional services that need to be ceased completely. Arrow will agree a plan for which hardware needs to be returned. When all services have been transferred or ceased Arrow will send a final invoice. The customer via the relevant service portals can extract all historical billing and call recording information held. Once terminated, Arrow technical staff will de-commission the customer’s service ensuring all database information, call recording and analytics data are permanently deleted. Services included in the price of the contract will be monthly rental charges and any hardware or professional services which were agreed at the beginning of the contract period. Additional costs may be for incremental licences.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Our MiCollab application works on PC and Mac desktop and will also work on a mobile devices (iOS and Android) via the MiCollab app.|
|Description of service interface||The administration portal is accessed via a web browser over the internet.|
|Accessibility standards||None or don’t know|
|Description of accessibility||Mitel designs its products to make sure that what it offers is accessible to everyone, regardless of their physical limitations. Mitel’s solutions offer features that provide, or work with assistive technology to provide, telephone communications, e-mail, voice mail, fax, and PC desktop applications to disabled users. All solution components, from its telephones to applications including Mitel Unified Communicator Advanced and Mitel Unified Messaging.|
|Accessibility testing||Mitel, the software vendor, have undertaken extensive User Experience testing in the design of the Oria self-service administration portal and the latest MiCollab interface.|
|What users can and can't do using the API||APIs only refer to additional features such as CRM integration where we will work with the customer's particular integration requirements. This will differ from customer to customer.|
|API documentation formats|
|API sandbox or test environment||Yes|
|Independence of resources||Each customer has their own high availability pair of virtual PBX's across geo-resilient data centres. The underlying network is configured and monitored to ensure that each customer's service has the recommended resources published in our vendor's specification documentation. As more customer's are added to the platform, underlying network resources are scaled to suit demand.|
|Service usage metrics||Yes|
|Metrics types||We provide metrics on inbound and outbound calls made from each extension via our web-based call analytics portal.|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Mitel Redbox BT Wholesale Tollring Gamma|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Other data at rest protection approach||
All data is stored on servers within racks dedicated to and only accessible by directly employed Arrow technical staff. These data centres are fully security compliant and this is reviewed regularly. Arrow has been auditing it's information process and storage in line with GDPR regulations. Part of this process is updating our Information Security Policy with some of the following objectives:
• Protecting all Company information systems
• Analysing/evaluating risk on a continuous basis. Developing response plans/carry out testing to deal with assessed risks.
• Make certain that users are aware of/comply with all current and relevant UK/EU legislation.
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Call data can be exported in .CSV format from the relevant service portal.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||Legacy SSL and TLS (under version 1.2)|
|Data protection within supplier network||Other|
|Other protection within supplier network||
Private WAN Service
Media and signalling path encryption is supported for all of Mitel's IP phones.
Media path encryption is accomplished with Secure RTP using 128-bit Advanced
Encryption Standard (AES)
Availability and resilience
|Guaranteed availability||The Cloud telephony service architecture is such that we can offer high availability of service to all customers. We offer a 99.99% uptime SLA. IF the SLA is not met then we have a prescriptive method of offering refunds against a users monthly subscriptions.|
|Approach to resilience||The service is operated from two data centre with a customer specific PBX being deployed in each. All handsets have the ability to connect to PBX call control at both data centres. All connectivity to the PSTN and Public internet is offered from both data centres for resiliency.|
|Outage reporting||We operate a real time network monitoring tool that allows us to see in real - time any issues on our network. We use a manual e-mail notification service in the event of a MSO to inform the relevant customers.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||We offer various levels of access in to the call analytics, call recording and contact centre tools based on role and permissions for customers. Core network access is only granted to Arrow's dedicated engineering team. Within the engineering team there are various levels of access dependant on engineer accreditation and job role.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Integrated to GTT’s network which is governed by ISO 27001|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||The Chief Executive Officer, along with the board, in partnership with the Head of IT is responsible for the approval of all of the IT policies and ensuring that they are discharged to the relevant managers. Arrow's Information Security Policy outlines our approach to information security as well as being a method to establish a set of tools to outline the responsibilities necessary to safeguard the security of the Company’s information systems with supporting policies, codes of practice, procedures and guidelines. The policy applies to all employees - current and new - of the Company as well as all other authorised users. The policy relates to the use of all Company-owned information system assets, to all privately owned systems when connected directly or indirectly to the Company’s network and to all Company-owned and or licensed software/data. Authorised members of the IT Department will from time to time monitor the information systems under their control to ensure compliance. This is supported by training during the Induction process for new employees and updates to existing staff as appropriate.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Our Cloud Telephony services are deeply integrated into GTT’s (https://www.gtt.net/gb-en/) network. GTT has maintained ISO 27001 accredited Enterprise Security Management System for their Operations Centres and Data Centres since September 2005.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Our Core Telephony services are actively managed by network monitoring tools 24/7/365 and provide alerts to any vulnerabilities within the Core services. All of our services are patched to each vendors latest supported version, and any new vulnerabilities are addresses and communicated to Arrow to take immediate action and new patches provided and applied. Our data centres are suitably firewalled and run industry leading anti-virus.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Arrow's Data Protection Policy details the extensive controls, measures and methods used to protect personal data, uphold the rights of data subjects, mitigate risks, minimise breaches and comply with the data protection laws and associated laws and codes of conduct. We also carry out regular audits and compliance monitoring processes, to ensure that the measures and controls in place are adequate, effective and compliant at all times. All data breaches are reported immediately to the direct line manager and the reporting officer. Measures must be taken immediately to contain the breach and to stop any further risks or breaches.|
|Incident management type||Supplier-defined controls|
|Incident management approach||
Arrow’s Data Breach Policy states that all staff must report a data breach immediately to the direct line manager.
The Supervisory Authority is to be notified within 72 hours of any breach where it is likely to result in a risk to the rights and freedoms of individuals.
A full investigation is conducted and recorded on the incident form, the outcome of which is communicated to all staff involved in the breach, in addition to upper management. A copy of the completed incident form is filed for audit and record purposes.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Price||£8.95 per user per month|
|Discount for educational organisations||No|
|Free trial available||No|