CDS

Hybrid Mail and Outbound Communications

CDS and our partner Publisure offer an integrated multi-channel communications platform for outbound communications, incorporarting hybrid mail, SMS, email, web portal capabilities and print and fulfilment from our secure digital facility in Aylesbury. We integrate with virtually any internal application and help to deliver immediate efficiency and cost savings.

Features

  • Hybrid mail automation of desktop, print and post
  • Auditability and full audit trail of all outbound communications
  • Electronic signatures
  • SMS integration
  • Secure email - PIN encrypted
  • Integrated web portal - print, post, emailm SMS or publish
  • Detailed Management Information
  • Automatic registration and authentication
  • Digitises your physical communications
  • Full MailMark integration

Benefits

  • Immediate cash savings
  • Increased auditability and compliance of outbound communications
  • Simple and easy to deploy
  • Automatically digitises your outbound documents
  • Automates and eliminates manual processes
  • Track posted documents via MailMark
  • Generates an archive of our outbound integration
  • Integrates with your existing multi channel applications
  • Provides full MI reporting

Pricing

£1 to £250000 per licence

Service documents

G-Cloud 11

462849952604442

CDS

James Davis

0113 399 4076

james.davis@cds.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints Then Publisure solution integrates with a range of applications and supports Windows, Citrix and Terminal Services environments and inputs from UNIX environments via 'hot folders' or CUPS integration with the windows print spooler. The solution requires Windows 2012 or above.
System requirements
  • Requires Windows 2012 or above
  • Can be installed in any windows operating environment
  • External firewall changes required if implemented as an outsourced solution
  • Unix Integration via CUPS and Samba share
  • Local Firewall configurations may be required on the Publisure server
  • Supports Delimited datafiles (CSV) or XML inputs
  • Supports PDF or Postscript Inputs
  • PIF/PAF license required for MailMark

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Publisure responds to all tickets within 4 hours. Standard support and maintenance is available Monday to Friday between 9.00am and 5.30pm. Extended weekend cover is available as an additional service to the standard Support and Maintenance offering
For full details of response times, please refer to the service definition document.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Support is provided via Publisure's Helpdesk to agreed SLAs. Response times vary depending on the severity of the issue and range from
- Severity 1 (30 minutes)
- Severity 2 (60 minutes - 2 days)
- Severity 3 (4 hours - 5 days)
- Severity 4 (4 hours).
SLA Explanation
Severity 1 - is usually when the problem is detrimental to the business and is impacting the business directly as a result of Publisure software . Severity 2 - is usually if a server, network, application, database goes down which is causing a business impact to users and the business. Severity 3 - Where a bug is raised as part of the support process, Publisure support will liaise with the development team and provide a synopsis of the problem within 2 working days and a proposed timescale for its resolution, within a reasonable time frame. Severity 4 - Where issues are caused by non Publisure software or environments, some advice will be given and support offered, but with no guarantee of resolution.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started CDS provides a tailored on-boarding pathway based on your individual requirements. On-boarding is a collaborative process, involving stakeholder interviews and workshops, through which we will ensure we fully understand your functional and technical requirements. This includes process design, workflow, user experience design, template development, data migration, system integration and hosting.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Publisure provides an open framework for data migration. Data is held in the form of indexed data and associated PDF documents.
On the termination of a contract, the documented Publisure APIs enable the customer to extract all data from the Publisure system. If required Publisure provide consultancy services to help deliver this 'end of life' service.
End-of-contract process Support of the Publisure interfaces and export APIs is provided as part of a valid support and maintenance contract.
Over and above the standard data extraction tools, any additional consultancy services would be charged separately.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Inputs into the system requires the use of a shared windows print device or the ability to drop a PDF into a 'Hot folder'. These requirements may place some limitations on the use of Mobile devices for submission of documents into the system. However, users can access the user interfaces via supported mobile or desktop Browsers .
Accessibility standards None or don’t know
Description of accessibility Testing with assistive technology is being carried out as part of Publisure's ongoing assessment of compatibility standards
Accessibility testing Testing with assistive technology is being carried out as part of Publisure's ongoing assessment of compatibility standards
API Yes
What users can and can't do using the API The solution provides APIs for both inputs and outputs.
The basic Publisure API print driver allows any print enabled application to submit documents into the Publisure system. Publisure also provide a number of pre-configured output APIs. For example, integration with other third party Hybrid Mail solutions providing the customer with a non proprietary platform for automating print and post. Publisure provides a simple scripting language which can be used to create many different forms of output - for example, in addition to our own SMS, secure email and Web Portal applications, the powerful scripting language has been used to create integration with many third party products.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Users have the ability to customise the user interfaces using standard resources such as logos, text and third party integrations. These configurations are managed through a standard configuration interface.

Scaling

Scaling
Independence of resources The performance of our cloud based services are continually monitored.
We have a detailed scaling model that allows us to scale up or down based on anticipated demand and pro-actively manage the resources available in the Publisure datacentre. The architecture and topology used in the datacentre ensures we have the ability to add additional hardware and software resources on demand.

Analytics

Analytics
Service usage metrics Yes
Metrics types The system provides detailed management information and usage metrics including the name of the originator,workgroup or department, cost centre, recipient, status and delivery method. It also offers a closed loop solution recording how the document was processed, chosen channel and date and time of delivery.
Publisure also provides integrated MailMark capabilities for print and post allowing documents to be tracked through Royal Mail.
Reporting types
  • API access
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Publisure

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach A simple set of Publisure reports allow the customer to extract metadata from the database in either CSV or PDF format.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability The cloud option is provided as part of a managed service and benefits from software, support and a secure, fault tolerant (99.95% availability) hosting environment, provided by MemSet (www.memset.com), which is certified to ISO27001.
MemSet use two UK Datacentre located in Reading, Berkshire. Both sites have state-of-the-art facilities, top-quality connectivity and are manned 24/7 with skilled personnel.
Approach to resilience This Information is available on request
Outage reporting Alerts are generated by the client software if there is an outage in the datacentre.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Where the software is implemented on client side, authentication is managed through the customers Active Directory configurations and Group Policies. If not directly integrated into Active Directory Publisure utilises Username and Password authentication. Passwords have to conform to agreed standards of complexity. Additionally two step authentication can be implemented requiring the additional use of a security PIN Number.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Publisure have implemented a detailed and robust policy on security governance and are in the final stages of gaining ISO27001 accreditation
Information security policies and processes As part of our ISO 27001 accreditation we have detailed and documented information security policies, which cover all aspects of information governace.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All hardware and software changes are tracked in accordance with Publisure's ISO27001 policies. In terms of software development we use a structured change management platform BitBucket. This allows Publisure to incrementally manage the development and evolution of our software platforms at an individual component level. Each time a new version of the software is released it undergoes an internal security audit followed by a full penetration testing exercise.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The Publisure architecture and associated technologies have been designed to minimise any potential threat or external vulnerabilities. Publisure rigorously maintain firewall and anti virus software to ensure the system is always up to date with the latest available configurations We assess potential threats to our service by collating information from a number of different sources - Security partners, Specialised Software partners and Infrastructure Provides to ensure we meet ongoing challenges. Patches are deployed as soon as they have been validated, tested and released.
Protective monitoring type Undisclosed
Protective monitoring approach Publisure have a policy of continuous improvement and periodically review processes for potential threats. These cover both internal and external services.
Every new version of the software undergoes a full penetration testing exercise before being made available. If a potential threat is identified, the vulnerability is assessed and prioritised . Typically inclidents are responded to within 24 hours.
Incident management type Undisclosed
Incident management approach Any problem identified by the customer is logged with the Publisure Help Desk. The Help desk raises a support ticket and provide an incident number. Publisure agree the Incident severity and engage with the customer to reach a resolution within agreed SLA's. For serious incidents, a specific incident report is raised and a thorough review of the incident is undertaken to identify the cause and resolution. These findings together with any additional recommendations are documented and agreed with the customer.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks NHS Network (N3)

Pricing

Pricing
Price £1 to £250000 per licence
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑