Business Systems (UK) Ltd

TeleWare Mobile Call Recording

Mobile call recording and SMS recording enables your organisation to record inbound and outbound calls together with SMS communications, providing your mobile workforce with all the benefits of office based communications.
Capture every detail with mobile voice and SMS Recording with Business Systems mobile call recording solutions.


  • Records all inbound and outbound calls and texts on mobiles
  • Industry-leading security safeguards, meaning your data is safe and protected
  • Interactive web based portal for recording retrieval, replay and archiving
  • Secure Storage - ISO27001 certification within the cloud
  • Available reports on usage, administration and compliance
  • Handset agnostic. Choose the handset most suitable or use existing
  • Securely exported into a fixed line recorder
  • Calls are recorded individually for improved analytics and post-call insight


  • Flexible on-demand mobile call recording
  • Monthly subscription option with no hidden costs.
  • Rapid deployment of mobile call recording by replacing SIM
  • Complies with all UK financial mobile call recording regulations
  • Protects the organisation & eliminates risk by recording all calls
  • Mobile call recording provides complete work flexibility
  • Ensure customer experience and employee productivity levels are maintained
  • Provide a more flexible working environment for your employees


£18 to £35 per user per month

Service documents

G-Cloud 10


Business Systems (UK) Ltd

Julie Kerman

0208 326 8326

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Customers that want to use existing mobile telephone numbers will need to port back the numbers and use new SIM they are provided with.
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times "Support response times Acknowledge a fault or question with a reference number - 30 minutes
Support questions are during normal business hours 8:30 - 5:30 Monday to Friday.
High impact faults 24/7/365"
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Business Systems provides five levels of support for mobile call recording, including:

1. Platinum - Full support, 24 hours a day, 365 days per year with 4 hours response (remote access is a pre requisite).

2. Gold - Full support, 0800-2000 hours a day, 365 days per year with 4 hours response (remote access is a pre requisite)

3. Silver - Standard on-site support (including telephone support), 0800-
2000 Monday-Saturday; Response time of 8 hours UK (typically 4 hours in the City of London)

4. Bronze - Basic on-site support (including telephone support), 0900-1700 Monday-Friday; Response time of 8 hours UK (typically 4 hours in the City of London)

5. Tailored Service Level based on the customer's requirements e.g. custom support hours, on-site support, technical account manager etc.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started To correctly provision and bill new mobile call recording customers, the following Account information is required:
• Account name
• Account reference number
• Account address including post code
• Authorised contact name
• Authorised contact email address
• Authorised contact phone

To provision a new customer we need
• Customer name
• Updated Tenancy Capture Form
• Implementation address including post code
• Authorised implementation contact name
• Authorised implementation contact email address
• Authorised implementation contact phone

All new users will receive a "Welcome" email with user guides and case reporting guides, that contain the information needed to commence using the mobile call recording service. Users will have access to a web-based "Help Centre" that covers all aspects of how to use the service. Business Systems also provides a manned service desk during business hours as well as a 24/7 online facility for logging cases. Authorised contacts will also have access to the full Service Description from the Digital Marketplace and will be allocated a Business Systems account manager for the duration of the working relationship.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction There are a number of options available for extraction of data at the end of the contract. This will be discussed with the Business Systems account manager assigned to the contract.
End-of-contract process At least 30 days before the end of the contract, the Authorised Contact informs the Support Desk if the Mobile Numbers are to be retained and rolled over to a new version of G-Cloud, ceased or ported to a new Communications Provider (CP).

The timescale for porting is 28 working days. If the buyer is moving to a new CP then the new CP is responsible for the process of porting the numbers. The Support Desk will give full assistance in any port or in ceasing the service.

There is no charge for porting the service to another communications provider. If large amounts of data need to be extracted there will be a charge as given in the pricing document.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are separate desktop applications for service administration and for access to compliance recordings.
Accessibility standards None or don’t know
Description of accessibility Accessibility is considered in design, but doesn't necessarily adhere to an industry standard.
Accessibility testing None
Customisation available No


Independence of resources The solution design allows for scale of application services horizontally by adding additional server instances. Services are monitored for performance and additional application servers are provisioned to ensure the SLA is met for each of the services.


Service usage metrics Yes
Metrics types Cases logged, SLAs, fixed times/closure summaries etc.
This can be tailored to the customer's needs.
Reporting types
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold TeleWare

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Customers contact the support desk or their Business Systems account manager. User setup data could be provided as CSV. Calls/SMS provided through an on premise export application.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.8% uptime
Approach to resilience Datacentres have dual power and network diversity and all other infrastructure utilises have dual power and dual LAN. The core databases are delivered using a SQL Always On cluster. All application and server configurations are at least N+1
Outage reporting Outages are detected and managed by the NOC, alerts are sent to nominated customer contacts by email.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels At the time of ordering, user and privileged user details are captured on a tenancy capture form by the designated customer contact. These include users, change requests, personnel with access to the portal etc. These users are created within the user registry with the correct permissions and a temporary password which the user must reset on first use. Password complexity standards are set at the time of order in the TCF process and are usually 8 characters, one capital, one numeric and one special character. Passwords are not stored in plain text within the database.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 UKAS
ISO/IEC 27001 accreditation date 01/10/2017
What the ISO/IEC 27001 doesn’t cover All operational areas are covered
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Certificate

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Business Systems is ISO 27001 accredited. We have a public published 'Group Information Security Policy' which describes our approach to security. All other policies follow on from this and are classified as 'internal'. We have policies for all areas of the business including IT, HR, Access control, physical security, data retention and destruction. The management system is driven via our Continual Service Improvement Plan (CSIP) which also contains the company risk register (and risk assessments).

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The solution architecture and source code are version controlled using various version control systems. Changes to the solution undergo a formal peer review for functional and non functional aspects, which include safety and security of the system. Implementation of these changes on to the production platform undergoes a further formal review through the Change Approval Board. Both of the peer reviews are tracked using an auditable change management system.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our platform uses Microsoft OMS which monitors the entire platform for suspicious or abnormal behaviour against a pre-set security baseline. OMS is able to notify our Network Operations Centre where investigation is required. We have governing procedures within our ISMS which ensure such incidents are escalated to, formally reviewed by and where required investigated by our internal audit group.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Governed by an ISO27001 compliance ISMS, all company processes and procedures are reviewed and audited by an internal audit group (information security forum) the ISF ensure that adequate protections and controls are in place for the business which include availability and security monitoring of the platform via the NOC.
Incident management type Supplier-defined controls
Incident management approach We have a defined process for managing incidents as part of our ISO27001. The ISMS management team are responsible for responding to and managing incidents. The plan includes strategies for managing the media, ensuring all response during an incident are documented and minimising risk. The plan is tested every 6 months.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £18 to £35 per user per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑