CallScope · a Belton IT Nexus product Hosted in NZ / AU · On-prem · Air-gapped
CallScope by Belton
Deployment & security

Deployed your way. Secured by design.

Government, defence and education do not bend their security posture to fit a product. CallScope flexes to fit yours, from managed SaaS in your region to a fully air-gapped install, with the access control, auditability and residency those reviews demand.

Three ways to run it

Pick the hosting model your compliance team will sign off.

Option A

Managed SaaS

  • We run and maintain it
  • Hosted in the region you choose
  • Fastest to stand up
  • Your data stays in-region
Option B

On-premise / self-hosted

  • Runs in your environment
  • Your infrastructure, your control
  • No third-party data hosting
  • For strict data-sovereignty needs
Option C

Air-gapped / sovereign

  • Fully isolated install
  • No offshore egress
  • For the highest-assurance settings
  • Scoped per engagement

Not sure which fits? Tell us your residency and compliance requirements on the pricing form and we will recommend the right model.

Managed SaaS regions

Host your data where you need it.

Choose the region your call data lives in. If your obligations require a country we do not list, ask us, on-premise and air-gapped options cover the rest.

New ZealandAustraliaUnited StatesUnited KingdomGermanySingaporeHong KongSouth Africa
Contact centre agent on a headset handling a call at a workstation

Security that holds up under review.

From a council service desk to a defence help line, CallScope is built to pass the procurement and security checks that come with handling other people's calls.

Security controls

The controls a procurement review looks for.

Access control

Role-based access with least-privilege defaults, plus per-feature restrictions for sensitive views.

Single sign-on

Microsoft Entra ID SSO with enforced MFA for privileged accounts.

Audit trail

A tamper-evident, append-only log of access and changes, built for review and investigation.

Encryption

Encryption in transit, and sensitive secrets encrypted at rest.

Data residency

Choose where your data lives: a SaaS region, your own data centre, or air-gapped.

Read-only & propose-only

Read-only against your PBX; any automation drafts for human approval, never acts on its own.

Compliance posture

Designed around the frameworks you are held to.

CallScope is engineered around the control principles expected by ISO 27001, SOC 2, the NZ Privacy Act 2020, NZISM and the ACSC Essential Eight: access control, auditability, encryption, data minimisation and residency. We work through your specific control requirements during scoping and provide the evidence your reviewers need.

Where a formal certification is relevant to your procurement, we tell you exactly what is and is not certified, with no overclaiming. For the highest-assurance environments, on-premise and air-gapped deployment keep your call data entirely inside your own boundary. See the full compliance & security detail, read about what CallScope does, or how pricing works.

Deployment & security FAQ

Common questions from compliance and IT teams.

Where can CallScope be hosted?

As managed SaaS you can choose New Zealand, Australia, the United States, the United Kingdom, Germany, Singapore, Hong Kong or South Africa, so your call data stays in the region you need. You can also run CallScope on your own infrastructure (on-premise) or as a fully air-gapped install with no offshore egress.

Can we keep all data in our own country?

Yes. Managed SaaS pins your data to the region you select, and on-premise or air-gapped deployment keeps everything inside your own environment. Tell us your residency requirement and we configure the deployment around it.

Does CallScope change anything on our phone system?

No. CallScope connects to your 3CX or VoIP platform read-only. Any automation is propose-only: it drafts an action for a person to approve, and never acts on its own.

Is CallScope suitable for government and defence?

Yes. It is built around the access control, auditability, encryption and residency controls those reviews expect, and supports on-premise and air-gapped deployment for the highest-assurance settings. We provide the control evidence your reviewers need during scoping.

Which compliance frameworks does CallScope align to?

CallScope is engineered around the control principles expected by ISO 27001, SOC 2, the NZ Privacy Act 2020, NZISM and the ACSC Essential Eight. Where a formal certification matters to your procurement, we tell you exactly what is and is not certified, with no overclaiming.

Bring us your compliance requirements.

Residency, hosting, control frameworks, timelines: put them on the form and we will respond with pricing and a deployment plan built around them.

Get pricing