eFax Corporate - Cloud Faxing

The eFax Corporate® cloud fax service lets your staff send and receive faxes by email, online portal, or mobile app, using their PC, laptop, smartphone or tablet. It eliminates the need for expensive fax servers and traditional fax machines, replacing ongoing equipment, software, supplies, licenses, and telecom costs.


  • fax by email, online portal or mobile app
  • Advanced reporting features
  • User administration - manage groups, numbers
  • Electronic signature
  • eFax Router connects the MFP fax function to Fax
  • eFax API connects ERP and other software systems to eFax
  • Fax Direct - Allows to send faxes via the scanner
  • eFax Secure - advanced encryption
  • eFax Messenger - Desktop application
  • Send to multiple recipients


  • Reduces capital expenditure on fax hardware
  • Removes the need for physical fax lines - Cost saving
  • Increases employee productivity - no standing beside fax machine
  • Reduces faxes being sent to the wrong number
  • Scalable solution
  • Increase confidentiality - no faxes on a shared fax machine
  • Remove maintenence and support required by your IT department


£6.65 to £17.95 per unit per month

  • Free trial available

Service documents


G-Cloud 11

Service ID

7 0 2 1 3 1 4 9 8 6 7 6 9 1 7



Kevin Lyons

0800 6890 588


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Not currently
System requirements
  • Internet Access
  • Software download (efax Messenger and Router features only)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 24 hours
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels 24/7 phone support
We have different levels of technical support
We provide an account manager who can escalate to a technical support team if required.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Online Training and user documentation
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Default is that fax data is not stored as per customer requests. For customer who request fax data to be stored can access this prior to contract end date. Reports can be exported to excel prior to contract end date.
End-of-contract process Customers give 30 days notice and at the end of the contract access will be removed. All data is removed at end date of contract with the exception of billing metadata (summary) which is stored for 7 years.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service No
Service interface Yes
Description of service interface Integrates seamlessly to you email account without any configuration required. There is an online portal, mobile app and desktop application also available.
Accessibility standards None or don’t know
Description of accessibility Users can use their email, and admin portal or a mobile app. They can also download an desktop application if they wish.
Accessibility testing We constantly review the usability of our interfaces, including customer feedback. We provide regular updates to our cloud and features.
What users can and can't do using the API We have a special team and supporting documentation that can a help users through the setup process.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available No


Independence of resources Our globally distributed network ensures high availability and load balancing across data centers and co-locations, enabling j2 to manage fax data
traffic and reroute additional loads should one data center
be disrupted.

Successful delivery maybe delayed due to the recipient fax number being engaged or telecom carrier issues. After a failed send fax transmission eFax will re-try 5 times to send the fax. The number of re tries is configurable within the API.


Service usage metrics Yes
Metrics types Fax usage reports (pages and billed pages) by date period. These reports can be viewed by administrative groupings.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Download their data from the online / admin portal
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF (inbound faxes)
  • Tiff (inbound faxes)
Data import formats Other
Other data import formats
  • PDF
  • Tiff
  • DOC
  • XLS
  • 50+ file formats accepted as outbound fax formats

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability The network servers uptime is targeted at 99.5% except for periods during scheduled or emergency works. Customers will get 1% of the customers recurring monthly fee if they can demonstrate an impact on service due to the SLA failure
Approach to resilience Disaster Recovery & Business Continuity j2 Global maintains a dedicated disaster-recovery site for the network management services normally maintained in the Los Angeles Data Center. Disaster-recovery plans
are reviewed and tested on a quarterly basis.

Inbound and outbound eFax services are maintained with a high level of
business continuity on N+1 engineering and geographically
dispersed site redundancy.
Outage reporting We send email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels We follow the standard of least access privilege. Only those who need access for their job responsibilities are granted such access. Auditing is enabled, logged and reviewed to proactively identify unauthorized activity.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Expecting HITRUST certification shortly

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Security governance approach
We are in process of gaining certification for HITRUST (rigorous US based IT Security/Process certification for organizations processing healthcare information). Our governance standards are based off of NIST, ISO, GDPR, SOX, CIS and other standards.
Information security policies and processes Our information security team is structured into Ops, Engineering and Governance/Risk/Compliance stacks, all reporting into a Global CISO. Our CISO reports into our CTO, and presents quarterly updates on the status of our program to our CTO and CEO. The board of directors also receives at least quarterly updates on progress. Separately, Internal Audit performs independent reviews of our program.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach We utilize a ticketing system for our SDLC process to track all changes made to our product/application. Changes require validation through Dev/QA/Production, a Change Control Board (CCB) controls all changes that are proposed to be implemented to production (ensuring each has proper approval from all parties), and only our Operations team can implement changes in production (our engineers do not possess access to do so). Further, security is involved in the CCB and additionally performs scans for changes to ensure security posture is not impacted.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We perform ongoing scans of our environment in order to assess potential threats. We are in the process of deploying SLAs organization wide to ensure that any critical vulnerability is addressed within 48 hours. We obtain information on threats from various service providers specializing in that field, as well as subscription feeds and monitoring of infosec forums.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We deploy 24/7/265 integrated monitoring in our environment. When a potential incident is received, an investigation immediately begins to assess and declare an incident. If an incident is declared, we have a formal incident response process and team, including our Technology group, Legal, Information Security, and other teams as deemed necessary.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We have formal and documented incident response process, including playbooks and contact sheets. Users may report incidents directly to the information security office by email or by reporting to the help desk/NOC. InfoSec provides incident reports to management throughout the incident, as well as on quarterly updates.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £6.65 to £17.95 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Full access to a demo account prior to subscription. There is also an option to get a free trial

Service documents

Return to top ↑