Bluejeans VMR Service
Gateway for Microsoft Teams that seamlessly integrates existing video room systems, connecting people in meetings across board rooms, conference rooms, and huddle spaces. Provided by certified provider BlueJeans & accredited reseller VideoCentric.
- Up to 1080p Video, Audio & Web Conferencing
- VMR service (conferencing bridge) for up to 100 participants
- Join from H.323/SIP
- Integrate with Teams, Facebook, Skype for Business, Slack
- Cloud Recording & Streaming
- Screen sharing
- Full Analytics & Reporting Dashboard
- Scheduling & calendar integration
- Free mobile app included for iOS & Android
- Managed & supported by UKs leading Video Communication experts
- Enable users with HD Video Conferencing without CAPEX investment
- Join meetings anywhere on any device
- Simple user interface with one touch-to-join simplicity
- Reporting & ROI calculations for user adoption & troubleshooting
- Provides Video, Audio & Content collaboration for every employee
- Highly secure, resilient & distributed infrastructure
- Self provisioning & management portal for administrators
- Comprehensive support services inc. 24/7/365 telephone support
£21.35 per user per month
- Education pricing available
- Free trial available
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||1 hour meaningful response.|
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||VideoCentric's award-winning support levels can include technical & telephone support & email support, interoperability testing, software patches, releases & upgrades from a highly accredited in-house technical team. Services can also include onsite escalation services, training, remote diagnosis and deployment services depending on any service wrap-around requirements (i.e. in room AV/endpoints/networking etc). All customers have a dedicated Account Manager and direct access to 1st, 2nd and 3rd line expert support, and assistance with any direct liaison required with vendors. Access to online resources for both IT administrators and end users and any available ongoing user adoption & onboarding support included. Reporting, ROI & analytics assistance can be added if required. Many of our cloud services do not require full maintenance programmes or relevant support is included within original service, though some services can be added as optional extras or included for related hardware. VideoCentric provide the UK's most comprehensive and flexible range of support programmes which can be tailored to meet individual needs, and can also be provided to enhance simple Manufacturer warranties & support levels. Pricing varies dependent upon tailored or chosen programme.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Customers are assigned a Client Success Manager who is responsible for assisting with user training, adoption and problem resolution. The CSM is assigned for the life of the account.|
|End-of-contract data extraction||End user data and company data is stored in-region at VideoCentric and BlueJeans owned operation centress and co-location data centress. Additionally the data is stored in the US. Customer data is controlled under the US EU Privacy Shield principles including when customers' contracts ends and their subscription is terminated. Data is removed or extracted upon request in a suitable transferable format.|
|End-of-contract process||BlueJeans is a subscription service. Should the customer elect not to continue their subscription by giving the stated written notice, we will work with the customer to confirm a switch-off date and any data or materials the customer can reasonably expect such as end-user reporting. The customer will no longer be able to use the service after the end of contract.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Both desktop & mobile enable joining a HD video & voice meeting, sharing & discussing content, sending in-meeting messages, customisation, access to participants list and scheduling. The mobile app is designed to replicate the desktop service to make it simple for users.|
|Accessibility standards||WCAG 2.1 A|
BlueJeans accessibility features enable customers with disabilities such as visual and hearing impairment to attend and participate in a BlueJeans meeting from any computer or mobile device.
These enhancements to the service are based on the Web Content Accessibility Guidelines 2.0 and the 21st Century Communications & Video Accessibility Act requirements and are made in order to expand BlueJeans’ accessibility to customers with disabilities.
|What users can and can't do using the API||
The BlueJeans API is a JSON REST service that communicates over HTTPS to api.bluejeans.com.
REST: Representational State Transfer
HTTPS: Hypertext Transfer Protocol (secure)
Each API request must include a valid token, which is issued to the user at the time of consuming the Authentication API. Tokens are time-‐based token that remains active for one hour. Keys are rotated annually or as needed upon termination of operational employees.
An Enterprise customer can request an API trial and access to a API test site to test against.
Changes can be made available to the BlueJeans API team that can add code as required.
|API documentation formats||
|API sandbox or test environment||Yes|
|Description of customisation||Users can customise accounts and dial in numbers that appear within the meeting web application and invitations. The meeting invitation emails can also be customised to your own style and needs. The administrator can customise branding with their own logo for across the apps and invites.|
|Independence of resources||60/40 reorder rule – Upon reaching 60% capacity in any given POP for 5 minutes, we begin ordering enough capacity to lower to 40%. Peak usage is checked weekly and reported. Capacity is re-evaluated after each release using controlled load testing.|
|Service usage metrics||Yes|
|Metrics types||Administrators get access to a full administration portal which includes IT tools to track adoption, support users, measure ROI with robust deployment, monitoring and centralised moderation controls. This portal empowers the IT team to visualise, measure and manage meetings in real-time, see money saved and carbon emissions reduced by avoiding travel, plan resources, troubleshoot and resolve meeting support requests in real time. User, endpoint, geography, meeting distribution, call quality and historical trends are all available and can be exported into Excel for further analysis.|
|Supplier type||Reseller providing extra support|
|Organisation whose services are being resold||Bluejeans|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||EU-US Privacy Shield agreement locations|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Other data at rest protection approach||
Secure containers, racks or cages
Physical access control
Assured by independent validation of assertion
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Data from the analytics portal can be exported through a simple one-click button within the portal. Administrators have access to this information and can be exported via CSV/Excel format.|
|Data export formats||
|Data import formats||Other|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||SLAs.Service Level Agreements are agreed upon and covered in the Master Service Agreement with our customers.|
|Approach to resilience||The BlueJeans service was built from the ground up by BlueJeans and consists of software that runs on cloud-compute clusters from a leading global server vendor. The service is hosted in multiple ISO27001 certified top-tier co-location data centers around the world, and in each of these PoPs, dedicated cages and racks are protected with 24x7x365 security and multiple levels of biometric access controls. Access to the cages is restricted to BlueJeans Operations personnel.|
Users or administrators can view status via http://status.bluejeans.com/
In the event there is severe degradation or outage of the System, communication procedures are followed. If there is a suspected breach or known intrusion, the Security Incident and Reporting Process is triggered. Administrators will be alerted via email and via telephone if further information is needing to be shared offline. Customer Support will notify affected customers and provide updates when the service is restored.
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Data is logically seperated. Access is given on a permissions basis. Only specific users in specific roles and job responsibilities will get Access to certain functions. Employee (user) and contractors access to production systems is granted based on role and functional responsibility. Access changes are approved by the business owner. Employee terminations follow Human Resources’ (“HR”) off boarding process. HR sends an email communication to IT, Operations and other internal service groups to disable/remove access as necessary.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||Bluejeans Data Centres where the service is hosted adhere to ISO/IEC 27001|
|Information security policies and processes||
Audited & certified datacentres to ISO 27001, security and privacy policies and controls are aligned with ISO 27001 and ISO 27018. BlueJeans employs a wide range of security management practices to provide a secure and reliable
service to customers. This includes network firewalls throughout the infrastructure to create security
zones for different applications and services. BlueJeans also deploys proxy servers that terminate all
3rd party / customer traffic at a proxy layer. All web traffic passes through industry-leading load balancers
to protect against a suite of application attack vectors.
Beyond the firewall, proxy servers and load balancers, BlueJeans also periodically scans for network,
port, and application-level vulnerabilities. Vulnerability scans are conducted by a leading 3rd party
SaaS provider, in addition to some special-purpose, in-house scanning tools. Furthermore, all of the
3rd party applications and operating system software is checked for security advisories and is patched
Routers, firewalls, load balancers, and proxy application servers are all configured to mitigate numerous
types of DOS attacks. BlueJeans also engages with 3rd party consultants to perform penetration testing
of the service. All of their findings are reviewed and appropriate actions are then taken to address and
mitigate vulnerabilities found in the service.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
The operations team handles all infrastructure maintenance/network build-outs, which have a defined CM process. We have monitoring in place that will alert on failures/other customizable thresholds that are configured. We have devices on our network that do periodic scanning for vulnerabilities and security threats.
The change management policies and documented in our SOC 2 Type II report. All changes to the system must follow the change management procedures which account for emergency changes. Any emergency change must be reviewed with a Root Cause Analysis performed and prevention methods identified to ensure that emergency change is not required in the future.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
BlueJeans periodically scans for network, port, and application-level vulnerabilities. Vulnerability scans are conducted by a leading 3rd party SaaS provider, in addition to some special-purpose, in-house scanning tools. Furthermore, all of the 3rd party applications and operating system software is checked for security advisories and is patched periodically.
Routers, firewalls, load balancers, and proxy application servers are all configured to mitigate numerous types of DOS attacks. BlueJeans also engages with 3rd party consultants to perform penetration testing. All of their findings are reviewed and appropriate actions are then taken to address and mitigate vulnerabilities found in the service.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
BlueJeans employs a wide range of security management practices to provide a secure and reliable service to customers. This includes network firewalls throughout the infrastructure to create security zones for different applications and services. BlueJeans deploys proxy servers that terminate all 3rd party / customer traffic at a proxy layer. All web traffic passes through industry-leading load balancers to protect against a suite of application attack vectors.
Compromises are proactively worked by the BlueJeans InfoSec team and escalated based on severity level until completion.
|Incident management type||Supplier-defined controls|
|Incident management approach||
If there is a suspected breach or known intrusion, the Security Incident and Reporting Process is triggered. BlueJeans has policies for Standard Incident Management to define methods for identifying, classifying, tracking, and responding to incidents that will impact business operations. The following plans are in place: Incidents and Rapid Response plan, Security Incident Reporting and Communication plan, Prevention of Incidents, Breech Notification Protocol, Customer Notification, Internal Notification, External Breech Notification.
The incident response program is tested/utilised on a quarterly basis, customers are notified on the website prior to change, maintenance or as a result of outage/incident. More Information AUR.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£21.35 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||VideoCentric can set up free trials & proof of concept trials for customers on a bespoke basis, dependent upon your specific needs.|