Six Degrees Technology Group Limited

Six Degrees Livenumber for Business Continuity Planning

A business-grade resilient service, providing Business Continuity and Disaster Recovery for inbound PSTN telephone numbers. Designed to be used in conjunction with our SIP, it can be used with Geographical and Non-Geographical numbering in disaster scenarios where the customer needs to route their inbound calls to different terminating numbers.

Features

• Individual translation for single DDI's
• DR translation plan for multiple DDI's or number ranges
• SMS sent to confirm activation or deactivation of routing plan
• Full audit trail, individual logins and specific role based access
• Support for geographical, non-geographical, UK and International number ranges
• Number porting – retain existing numbers
• Business grade IP telephony

Benefits

• User friendly web interface to access system
• Accessible from any device connected to the internet
• Support for geographical, non-geographical, UK and International number ranges
• Number porting – retain existing numbers
• Resilient solution with automatic failover
• Proactively managed service
• Single or multiple number DR translation plans can be invoked
• Secure and ISO 27001 compliant

£0.15 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector.sales@6dg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

912300241551613

Contact

Rob Walton
07813303485
publicsector.sales@6dg.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Livenumber must be used with the Six Degrees SIP Trunking service.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: This service can only be used with Six Degrees SIP trunking and with Six degrees Ofcom allocated number ranges, or numbers from other providers that have been ported into Six Degrees.
• System requirements:
  • Individual nominated users with user/range admin/customer admin privileges
  • The user portal is an internet-facing service- internet access requirement.
  • Phone numbers/Ofcom allocated numbering/ported-in numbers from other provider(s).
  • Configured BCP with alternative target numbers when DR is invoked.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Please see Service Description for all SLAs and KPIs
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Full support of services are provided as standard via our Support Desk. The Support Desk is available 24x7 and is manned by 1st/2nd line support engineers. The service desk has direct escalation to the operations team where full 3rd line support is provided. ; ; Full out of hours support is also provided for all P1 and P2 incidents with clear escalation paths.; ; All customers are allocated a service delivery manager who is responsible for ensuring the smooth delivery of the service, acts as an escalation point for all incidents, and provides full monthly service reporting.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Not applicable for SIP services.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Microsoft Word and Excel
• End-of-contract data extraction: Not applicable.
• End-of-contract process: We will provide transition services within reason to help the customer move to another service.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• Description of service interface: Users can raise support tickets and change requests etc. through Six Degrees' online customer portal, which is provided via our chosen IT Service Management tool.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: None.
• API: No
• Customisation available: Yes
• Description of customisation: The Livenumber is a fully featured business continuity and disaster recovery telephony solution. The service can be used with any number type including geographical and non-geographical, UK and international. Any requests for further customisation will be considered on a case by case basis.

Scaling

• Independence of resources: We proactively manage our network capacity to ensure we have sufficient headroom. We configure all customer trunks with their number of contracted channels to ensure one customer cannot impact another customer's ability to use the service.

Analytics

• Service usage metrics: Yes
• Metrics types: Service usage data is available for users of the platform. We are able to provide statistics that show the number of user logins to the portal, call volumes and call completion success rates.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Not applicable for SIP services.
• Data export formats: Other
• Other data export formats: Not applicable.
• Data import formats: Other
• Other data import formats: Not applicable.

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Access to the Livenumber user portal is subject to end user authentication. Web server traffic is secured using a secure HTTPS web connection. Vulnerability scanning schedule to ensure a secure system and therefore minimising potential compromises.
• Data protection within supplier network: Other
• Other protection within supplier network: Data within the Six Degrees network is routed across private network infrastructure that is current and running supported code versions, hence secure and supported. Customer data is stored within our UK based data centres (data sovereignty) which are subject to associated level of security.

Availability and resilience

• Guaranteed availability: 99.99% uptime for resilient SIP trunks and an R-Factor greater than 85.
• Approach to resilience: Our service is designed with no single points of failure - we have geographically diverse and highly available session border controller clusters, multiple physical and logical carrier trunks and a multi-path QOS enabled MPLS network over which services run.
• Outage reporting: We have a suite of network management tools that proactively alert should there be any service issues.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: Authentication is based upon individual usernames and complex passwords per user which are created by Six Degrees system administrators, or Customer Administrator role. The end user is prompted to change their password at first login.
• Access restrictions in management interfaces and support channels: Only authorised contacts are granted access rights to the service. The Support Desk will only accept requests from authorised contacts. Communication with anybody at Six Degrees will need to be pre-approved by a known individual in writing. Management of the infrastructure is via dedicated connectivity and out of band of customer data and customer networks
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyd's Register Quality Assurance (LRQA)
• ISO/IEC 27001 accreditation date: 17/04/2020
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Convergent Network Solutions
• PCI DSS accreditation date: 01/06/2018
• What the PCI DSS doesn’t cover: Only the physical and environmental security at Six Degrees' data centres in Birmingham, London and Studley were included in this assessment. The relates to the provision of the secure physical environment for the Colocation Services with Six Degrees provides to its clients. All other services provided by Six Degrees, internal systems supporting business operations or for other clients are specifically excluded from this assessment.
• Other security certifications: Yes
• Any other security certifications:
  • PSN Compliance Certified
  • Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials & PSN
• Information security policies and processes: All ISO 27001:2013 controls and associated policies are in place. Enhanced weekly and quarterly external approved scanning vendor (ASV) vulnerability scanning. Six Degrees comply with our PSN CoCo which is aligned to our security principles that allows us to deliver our customers PSN Secure and Protect.; Six Degrees operate a rolling internal audit programme to ensure continuity of compliance to our various accreditations , as well as internal technical auditing of our systems through the use of various integrity checks. This ensures that there is always a fully justified and documented Change Request for any modification of our secure systems.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All non-standard changes must be pre-authorised by going through a peer, senior and CAB approval process. Standard changes are created in template form and are approved in CAB before being implement into Change controls.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Six Degrees (Public Sector) run an internal vulnerability test once a week. All reported vulnerabilities that are reported are categorised into priority depending on the severity and a case is logged with the operation team who will fix the vulnerability under the time frames dictated by Public sector patching policy. This conforms to the PCI-DSS standard.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Six Degrees (Public Sector) have a protective monitoring system where all logs are centralised and checked on a daily basis for security breaches using several key search filters. Alerts are sent out for high risk activity and are pro-actively responded to by the operations and security teams. This conforms to the PCI DSS standard.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Six Degrees operate an ITIL aligned incident management process with associated procedures for security related incidents. The process has a clearly defined governance framework, including roles & responsibilities, clear policies and associated KPIs. This process conforms to PCI DSS.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Pricing

• Price: £0.15 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We can provide free Livenumber channel rental for a period of 3 months, the customer pays for call usage.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector.sales@6dg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.