storm® CONTACT™
storm® CONTACT™ is a multi-channel CCaaS (Contact Centre as a Service) solution for inbound and outbound interactions, delivering iACD® (intelligent Automated Contact Distribution) for any size of organisation. This connects people and devices to the best automated or live resources, however, wherever, whenever and in whatever quantity they interact.
Features
- Multi-channel intelligent Automated Contact Distribution (iACD)
- 100% browser-based interfaces for billing, agents, supervisors and administrators
- Integrated IVR and ASR: automation with onward routing to agents
- Blended inbound and outbound environment
- Integration with any system, database or resource e.g. CRM
- Virtually unlimited scalability
- Intuitive management interfaces
- Blended queuing of SMS, social media, voice, web, IM, email
- Mediated Interaction Matching for skills & personality-based routing
- All interactions recorded
Benefits
- Process multi-channel contacts in a single interface
- Connect customers to the best available information or agent
- Maximise the value of your skilled agents
- Optimise contact centre performance through reporting and management interface
- Extend value of existing systems through integration
- Handle any volume of simultaneous demand
- Deliver enhanced customer engagement
- Enable multi-channel customer journey
- Automate interactions and provide agent hints for improved customer service
Pricing
£23.43 to £118.13 a user a month
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
9 2 6 0 0 4 3 1 4 2 0 0 2 3 9
Contact
Redwood Technologies Ltd
James Horsley
Telephone: +44 (0) 1344852350
Email: gcloud@redwoodtech.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- Storm support extends to the entire customer experience across all services, including hardware, connectivity and applications. If storm services are purchased through a partner, then front-line support may be provided by the partner and additional support provided by Content Guru. storm is multi-sited across resilient data centres, and all hardware is modular and resilient at every level, meaning that upgrades can take place with no disruption to service. Upgrade notifications are issued regardless.
- System requirements
- Minimum operating system specification.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Tickets are categorised according to their impact (P1-P4) as defined in standard service level agreement please see terms and conditions standard response times are as follows. P1 : within 15 minutes P2 : within 30 Minutes P3 : within 1 working day P4 : within 1 working day
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Standard and bespoke support levels are available (for instance, 9-5 Mon-Fri, 7-7 Mon-Sun, 24/7/365).
Costs are agreed as part of the overall services package.
Technical support is provided by the dedicated, UK-based NOC. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- New users are provided with dedicated training by specialised platform experts. This can be delivered either face-to-face or online. Face-to-face training sessions are delivered either on customer premises or at the Redwood Technologies headquarters in Bracknell. Online training sessions are delivered via live instructor-led webinars.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- There are several different options available to customers for extracting data at the end of the contract. Most customers will regularly extract data using storm's inbuilt reporting management tool, VIEW (into formats such as CSV, XLS and PDF). However, all data can be manually extracted by storm's engineering team and delivered to the customer at the end of the contract, if this is required.
- End-of-contract process
- This varies based on the contract. Services can be decommissioned as part of the agreement, and there may be additional costs involved in decommissioning or transferring to other systems subject to the pre-agreed exit provisions.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None.
- Service interface
- Yes
- Description of service interface
- CONTACT comprises a number of applications that work together to deliver your contact centre. Each application is accessed from a web browser. Configuration methods include check boxes, option buttons, selection boxes, and fields that can be typed into. DATA MANAGEMENT tables are created by adding columns to a table and then importing the data from a csv file. FLOW is used to create customer services such as IVRs, prompt recording, and speech capture, by dragging action cells onto a page and connecting them together. All channels (voice, SMS, email, web chat, twitter, and Facebook) are replied to from the DTA.
- Accessibility standards
- None or don’t know
- Description of accessibility
- High contrast settings are available and users can change font sizes and color
- Accessibility testing
- No official and documented testing as been conducted at this point in time.
- API
- Yes
- What users can and can't do using the API
- Bespoke and off-the-shelf APIs are available, subject to agreed specification.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Features and functionality can be fully customised, either by using the FLOW tool to amend service flows (by the user), or by bespoke development (by the supplier).
Scaling
- Independence of resources
-
As Europe’s largest cloud-based Communications Integration platform, storm provides users with access to massive capacity. The platform can be scaled to accommodate services for any size of business. With sufficient capacity to accommodate in excess of 150,000 additional users, live storm services can be instantly scaled up when required without impacting service for other users.
storm provides user organisations with access to an effectively unlimited number of ports in the cloud, with the platform able to accommodate tens of thousands of simultaneous calls across TDM and VoIP, with a voice capacity in excess of 60 million minutes per day.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Fully flexible and customisable real-time and historical reporting across multiple channels, with real-time notification alerts on service performance, trend analysis and service levels.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Users can export all data via the VIEW reporting dashboard. VIEW has the facility for manual exports or for regular exports via FTP or email, and can be used to extract multiple different areas of data based on customisable criteria such as time periods.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- As set out in the standard Service Level Agreement.
- Approach to resilience
- The storm platform is maintained across multiple secure data centre sites in every territory where it is deployed to provided optimum availability and resilience. To this end, it is of paramount importance that all data centre sites and the data stored therein is synchronized. All constituent data centres supporting the platform are connected by resilient 1GB links, which are continuously subject to monitoring. All data centres and servers are kept in active-active configuration, with the resilient connections between them enabling the ongoing synchronization of all services and data.
- Outage reporting
- The Support Team provides email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- 2-factor authentication
- Access restrictions in management interfaces and support channels
- Each organisation’s storm solution requires the purchase of one or two administrator licences. Administrators require these separate licences to access admin privileges. As with all users, these require RSA-secured login. Administrator seats are assigned to named users. Supervisors can be given restricted access to above-standard features, and this is fully-configurable by administrators.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Lloyds Register Quality Assurance
- ISO/IEC 27001 accreditation date
- 03/10/2018
- What the ISO/IEC 27001 doesn’t cover
- Processes outside of those certified. Certificate states that the approved Information Security Management System is applicable to: the information security management system supporting cloud computing services through Content Guru and the design, development, installation and maintenance of telecommunication systems, including hardware and software for Value Added Network Services, soft switching and computer technology solutions in accordance with Statement of Applicability version 2.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- NCC Services Ltd (NCC Group)
- PCI DSS accreditation date
- 30/01/2018
- What the PCI DSS doesn’t cover
- All processes outside of those certified. Certification was for compliance with the Payment Card Industry Data Security Standard (PCI DSS) Version 3.2.
- Other security certifications
- Yes
- Any other security certifications
- Cyber Security Essentials
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
-
Cyber Essentials Scheme (CES) certification
+PCI-DSS Level 1 - Information security policies and processes
- Adheres to ISO 27001. All data centres are accredited to IL-3 standard. The building is protected by physical security barriers and card access points, visitors are logged. User logins are RSA-authenticated, requiring PINs (minimum 4 digits) followed by an RSA SecurID that refreshes every 60 seconds. VPN access is restricted to the necessary employees. All successful or failed accesses to certain areas, such as audit trails or cardholder data, are logged. System logs are reviewed several times daily by engineers. Errors or exceptions are logged in an xcl file. Items are assigned owners according to expertise, and investigated. This file is reviewed by an Engineering Manager, ensuring all investigated items are progressed or closed. Access to the raw data is restricted to the Engineering Manager, ensuring a copy of the audit cannot have been tampered with. All servers within the CDE are time-synchronised to ensure consistency, and synchronised every 15 mins. A security manager ensures policies are adhered to and is the point of contact for all security incidents. All employees are given security policy with compulsory security training. Heads of departments attend ISMS reviews. Security incidents are recorded in the Security Audit Report maintained by the Security Manager.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Requests for hardware and software changes are in the first instance submitted to the Change Control team to audit. The test platform ‘Ministorm’ has fixed managers who assess change requests. Application engineers ensure all changes conform to release notes. All work is undertaken on Ministorm primarily, and must be tested and signed-off by a senior engineer and the Change Control team. Affected clients are notified in advance. Any issues encountered are logged in the ECO database, using JIRA and GIT. Those that could affect security are flagged when the change request is first submitted and special documentation is needed.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- The vendor employs an approved third party scanning vendor to perform internal and external vulnerability scanning. Based on the information provided on a regular basis by the third party, the vendor's security team review and action the necessary patching. All patches are tested in the lab environment prior to live roll-out. Frequency of deployments are based on criticality of patches and schedule of planned work.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- The platform is monitored continuously day and night, on a 24/7 basis. The processes include interrogation of data logs and real-time alerts based on system performance. Potential compromises are actioned immediately by the support team, using established processes.
- Incident management type
- Supplier-defined controls
- Incident management approach
- The vendor has standard documented procedures for incident management. User reports incidents to the Engineering Services team as part of the standard ticketing procedure. Incident reports are issued as per the agreed SLAs.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- NHS Network (N3)
- Health and Social Care Network (HSCN)
Pricing
- Price
- £23.43 to £118.13 a user a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Base trial version available subject to contract.