PressArea Online Press Office

We deliver secure online press centres for busy marketing and PR departments. Tools include press release distribution, image, video and document libraries, online press enquiry systems, built-in reporting, social media integration, SEO capabilities, multi-languages and a calls-online-as-a-service solution with ministerial bids, forecasts and log enquiry.


  • Virtual PressOffice Content Management System
  • Online Media Centre For Press Release Distribution and Management
  • Email and Media (Video, Images, Document) Tracking
  • Integrated Press Database and Media Customer Relationship Management CRM
  • Crisis Management, Lines to Take and Dark Site modules
  • Integrated Image, Video and Document Library
  • Responsive Design For Mobile and Notepad Devices
  • Unlimited Users (Admin and Press)
  • Unlimited Image and Document library
  • Calls-online-as-a-service solution with bids, forecasts and log enquiry


  • Publish, distribute and track Press Releases from one platform
  • Integrated image library, video and PDF management
  • Real-time tracking of press release response and coverage
  • Allow press to access content from pad and mobile
  • Incoming press enquiry module means you don't miss a deadline
  • CRM tools to optimise your Press Relations and track contacts
  • Manage and view communications from any device
  • Calls-online-as-a-service in either integrated or as a standalone solution


£700 to £1000 per licence per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

4 9 6 8 4 5 7 8 0 7 9 4 3 0 5



David Smith

0845 226 0435

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints The service offers unlimited users (press and admin), unlimited storage for images, videos and documents, unlimited training and support. Support is 9-5 Mon-Fri.
System requirements Users require modern browser and broadband internet connection

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Email and phone response time is normally within the hour 8am-8pm Mon-Fri,

Email response time within the hour Sat-Sun 9pm-5pm.

A telephone Hotline support service for critical issues is available 24/7/365
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support No
Onsite support No
Support levels A dedicated account manager. 8am-6pm Mon-Friday e-mail support, 9am-5pm Mon-Friday phone support, Included in the cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Unlimited training is provided which can either be onsite for 3-4 or more individuals, or online/phone training. Any new staff joining will be eligible to receive free online training
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction We can arrange for data to be exported to any open file format at the end of the contract.
End-of-contract process There are no end-of-contract costs. On termination we will terminate access to the platform preventing further access to the services purchased.

We will extract the data as part of the service cost on exit.

If the buyer has specific needs then a custom service can be provided with a separated fee negotiated.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None, uses responsive design so content is same as desktop version
Service interface Yes
Description of service interface A web portal allows users to upload edit and delete images/videos/documents/press releases add new users etc
Accessibility standards None or don’t know
Description of accessibility The service is designed to be as easy to use as possible and to follow the Web Content Accessibility Guidelines (WCAG) 2.0 guidelines.
Accessibility testing No testing has been done with assistive technology
Customisation available Yes
Description of customisation The service can be customised to the client's website to make the solution fit in with their current web look and feel. For examples of how we have customised the solution see Our Clients area. Additionally, we can also build and tailor modules to meet clients requirements.


Independence of resources The servers are monitored regularly to see that the service meets our agreed service levels. As usage increases we will add additional capacity to the service. Additionally, the service uses a worldwide Content Delivery Network to take the load off the servers and to deliver images text and video via.

Our system was recently tested by a major worldwide brand when their entire .com site was unable to deliver any pages worldwide for a weekend, and our media centre was their only way of delivering content to their worldwide media network.


Service usage metrics Yes
Metrics types The service includes the ability to either use the clients own analytics or use the built-in Google Analytics and built-in email tracking provided by Campaign Monitor
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Much of the data from reports etc in the application can be exported in either CSV or Microsoft Excel file format directly from the application, any other data can be arranged to be exported by the business in a CSV or ODF file format
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability SLA is base on site uptime and produces a reduction in the next invoiceable month

Monthly Uptime % credit on following month
>99.9% 0%
99.9-99.6% 10%
99.6-99.4% 20%
99.4-99.2% 40%
<99.00% 75%
Approach to resilience Full details are available on request
Key points of the infrastructure:
• A layered architecture to provide performance, resilience and redundancy.
• Traffic is load balanced.
• External Content Delivery Network (CDN) delivers the majority of the traffic for static pages and frequently viewed images/videos/releases to a local cached version.
Outage reporting Email alerts to clients. Reporting is managed internally via PressArea support staff.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Management interfaces and support channels require username and a strong password over an SSL encrypted channel and requires a Captcha to be completed correctly. Access is prevented after three failed attempts to login.

The most sensitive management areas of the platform such as the database are controlled through 2FA.

A security policy is in place to control access to the areas and only staff who need access are granted access.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 30/07/2014
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover The certification covers our hosts Cogeco Peer1 data centre infrastructure in Portsmouth.
PCI certification No
Other security certifications Yes
Any other security certifications
  • SOC 1 TYPE II ISAE 3402
  • SSAE (Statement on Standards for Attestation Engagements) 16 Type II
  • CSAE (Canadian Standard on Assurance Engagements) 3416

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Protecting our client's data is paramount. But we are a small business so we have a chosen a hosting partner Cogeco Peer1 who monitors and maintains the business infrastructure and security on a 365/24/7 basis.
Information security policies and processes We are a small/micro business. We make sure data is secure and software is kept up to date with the latest security patches.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All code and data changes are logged. Infrastructure changes are handled and tracked via our hosting partner Cogeco Peer1
Vulnerability management type Undisclosed
Vulnerability management approach Patches for the infrastructure are first checked for reliability and are then deployed. Security patches are applied as they appear.

We monitor sites like for details about potential threats
Protective monitoring type Undisclosed
Protective monitoring approach The service is monitored 24/7 by Peer1 and any potential compromises are flagged up within an hour. During working week 8-6 Mon-Fri we will respond within an hour. We have teams in India and US West coast who monitor the site outside of UK working hours enabling us to respond within a few hours during 6pm - 8am. Weekend response times are normally same day.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Users report incidents by email or phone. Incident reports are provided by email to all affected parties.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £700 to £1000 per licence per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial There are demo accounts available that provide access to the entire platform and all functionality to evaluate the platform

Service documents

Return to top ↑