WAVE™ push-to-talk is a group communication service that connects your team at the push of a button across different networks and devices. Easily share voice, text, photos, video and more with a group or individual at the push of a button, all from one PTT application.


  • Secure Push-To-Talk (PTT) service for smartphones and desktops
  • Connect your teams instantly with Android and iOS PTT communications
  • Sharing of text, picture, video, audio and file attachments
  • Location, presence and status sharing across users with mapping capabilities
  • Easy to read communication thread with time stamps
  • Web Dispatch control room application for PTT, mapping and messaging
  • Communicate across any IP network including WiFi, 4G, 3G, Internet
  • High availability supported through resilient deployment architecture
  • AES256 bit encrypted individual and group communications


  • Secure and instant Push-To-Talk team communication
  • Simplicity of radio communication on your teams’ phones
  • Users can communicate across different networks and devices
  • Connect to users regardless of geographical location
  • Fast deployment to existing mobile devices (BYOD)
  • Add / remove users as your business needs change
  • Predictable subscription fees makes it easy to budget
  • Geographic and local redundancy provides enterprise
  • No servers to maintain means you can focus on business


£72 to £456 per unit per month

Service documents


G-Cloud 11

Service ID

6 3 9 8 0 2 8 5 8 6 7 5 4 1 9



Andy Glover


Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
20 Talkgroups are included per site license
System requirements
  • IOS or Android for WAVE App.
  • Chrome or IE11 Windows Browser for WAVE Dispatch.

User support

Email or online ticketing support
Email or online ticketing
Support response times
< 1 day
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Support levels
Response times are 1-10 days dependant upon Severity Level (SL).
Support available to third parties

Onboarding and offboarding

Getting started
App stores contain usage explanations for App and in-App Tutorial. WAVE Dispatch contains introductory tutorial and online help.
Service documentation
Documentation formats
End-of-contract data extraction
Data is not exportable.
End-of-contract process
Users continue through contract renewal or are deactivated.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Chrome
Application to install
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
WAVE App on mobile is for individual PTT communication operations. WAVE Dispatch on desktops is for centralised group communication monitoring and control.
Service interface
Customisation available
Description of customisation
Administrator can create PTT talkgroups and change/add/remove users to talkgroups.


Independence of resources
WAVE is based on carrier grade PTT solution. System applications are designed to operate in redundant mode. Solution is based on Microsoft Azure cloud to ensure further uptime and redundancy based on Azure implementation.


Service usage metrics


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Other data at rest protection approach
On the device, the Broadband PTT application uses the Advanced Encryption Standard (AES)-256 to encrypt all locally stored data, including authentication credentials, configuration, and settings. The locally stored data can be decrypted by the Broadband PTT application only on the specific device on which it was encrypted, and the PTT application will not log sensitive data such as username, password, configuration values received from the server, or PTT application configuration values.
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data is not exportable.
Data export formats
Other data export formats
Data is not exportable.
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
AES-256 encryption
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Microsoft Azure provides a secure foundation across physical, infrastructure and operational security for the WAVE system. Azure is responsible for the security of the cloud; Application is responsible for security in the cloud. Azure enables application to control the content. AES-256 is used to encrypt all voice traffic and signalling information traveling between the Broadband PTT application and the gateway server at the Broadband PTT data centre. Sessions are decrypted and intelligently distributed to the appropriate Broadband PTT servers. PTT communications leaving the data centre toward the end devices are re-encrypted in compliance with FIPS 140-2 cryptographic modules.

Availability and resilience

Guaranteed availability
Response times are dependent upon Severity Level (SL). SL1 - catastrophic failure of critical features -1 day response; SL2 - failure that limits normal use of major features - 2 working days response; SL3 - failure that does not prevent use of the application - 5 working days response; SL4 - does not cause any real operational impact - 10 working days response
Approach to resilience
The system design consists of fully redundant servers that are deployed with load balancing applied. At least two instances are hosted in different availability zones in a region in Azure cloud. Availability zones in the region are geographically separated in different data centres.
Outage reporting
The system is deployed in Azure cloud, and servers are monitored within a Network Operations Centre for alarms that trigger the WAVE DevOps team if a service affecting issue arises.

Identity and authentication

User authentication needed
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Access is granted based on user role.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Less than 1 month

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
No exclusions
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
We are an ISO 27001 certified company supporting that certification is a process which identifies business objectives and risks, allowing us to conduct risk analysis and define policy and controls. We maintain ongoing governance by auditing, monitoring and measuring the effectiveness of those controls through targets and KPIs.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configure, Audit, Validate, Report exceptions, investigate exceptions, resolve.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We identify vulnerability through IT health checks or vendor supplied information, conduct risk analysis, implement security controls and monitor the effectiveness of controls.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Collect events, look for pattern anomalies, report and manage through incident management.
Incident management type
Supplier-defined controls
Incident management approach
Categorise, Prioritise, Triage, Diagnose, resolve, resolution and recovery, close incident.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£72 to £456 per unit per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑