I am going to preface this post with a disclaimer
The contents of this post are my opinion and interpretation of the various literature I have read recently. Seek your own legal advice before implementingMark Vale
I’ve been deploying Microsoft Teams voice services in some challenging countries recently. Aside from the connectivity challenges, the regulatory compliance issues we are accustomed to in some of these regions are throwing a spanner in the works, so to speak.
If you have deployed VoIP in India or United Arab Emirates, you will be aware at least of the regulations that do not permit toll bypass.
If you haven’t, then the regulations stipulate that you can only switch PSTN voice with VoIP under certain conditions. Essentially this means that inbound and outbound calls made to or from a number within the country in question must switch over a local service provider network.
In regards to the UAE, this means that a VoIP user within the UAE must use a PSTN service provided by Du or Etisalat (2 national carriers) to make and receive a call, but only if they are within the UAE. If they are out of country, then they cannot be reached using their UAE landline number.
With India, regulations go further by stating that this switching between PSTN and VoIP can only take place in a specified location i.e. the Office where the PSTN to VoIP connection is made.
Microsoft Teams has a feature called Location Based Routing that allows you to configure these users to be compliant with the regulations in these countries. This essentially forces compliance and if the user is in a non-compliant location, the call is denied.
However, with Coronavirus, governments around the world have been forced to adapt and relax regulations in order to keep the country working. It seems that some of these regulations have therefore been relaxed.
In India, on top of the TRAI regulation, there is an OSP (Other Service Provider) license that can be purchased.
An OSP is usually for contact center locations and agents that allow them to act as an agent for customers in other countries without the company or the customer switching over the international PSTN and costing an international call charge to reach an agent. A customer in the UK could legitimately call a UK number and reach an agent in Bangalore and the company be compliant.
Without this OSP, the company would have to call forward the UK number to a Bangalore number in order to reach the agent, thus paying international calling charges for inbound calls.
These OSPs are granted on a per company and per office location historically. With Covid, companies with valid OSPs can allow their agents to work from home and connect to the office remotely. This can either be by VPN or cloud service.
There is some debate that this is also the case when it comes to office workers who aren’t contact center agents. These people as far as I read the regulation, they fall outside the OSP relaxation.
That being said, information coming out of India is that they are also able to work from home during covid as long as the following is in place:
- They are connected to the site remotely using VPN
- Their calls are routed through the site gateway as they were previously
- All CDR logs are kept for a period of 12-months
Putting this into the Microsoft Teams context, this means that the technology used to prevent toll bypass should be updated, but not turned off. There are some calling scenarios that are still illegal even with the relaxation, such as call transfer outside of the “virtual office”.
Ideally these users should connect to the office using a VPN (yes VPN = bad) and then egress to the Microsoft Cloud and Internet in the same manner as they did when they were in the office.
The VPN subnets added to the site location profile for the location based routing to pick up the user’s location as internal.
If you allow public Internet access, that would mean that toll bypass could not be enforced and illegal call transfers could take place, even if it was accidental.
Inside Teams, CDR records are maintained only for 30 days. Therefore, to comply with the 12-month retention requirement a CDR accounting solution is needed, either connected directly to the SBC or some 3rd Party Microsoft 365 Analytics solution.
For UAE, the regulation is not as localised but essentially the same concept, in that users are bound to a specific site and therefore, the virtual office is the same.
If users want to dial international outbound via VoIP to another service provider out of country, then you can purchase an Internet Calling Plan through Du or Etisalat.
As far as I understand the UAE regulation, you still cannot switch a PSTN call in UAE to a VoIP user in the US for instance. So the same configuration is necessary to location based routing as India.
There is a lot of information on the internet that mentions UC services being blocked in UAE. This is true for consumer apps such as WhatsApp. However, the UAE regulators have enabled Microsoft Teams communications for remote workers so there should be no issues with connectivity in this region.
I am deploying an SBC in Dubai in the coming weeks. I’ll report my findings then.
Until then, make sure you are being compliant because although the rules are relaxed, the wolves will come knocking eventually and you’ll have to produce evidence that you maintained compliance throughout the pandemic.