Service Level Management Ltd

Publisure - Hybrid Mail and Integrated Secure email, SMS and Web Portal

Publisure is an integrated Multi Channel communications platform for outbound communications - it incorporates Internal/External Hybrid Mail, SMS, Secure email and web portal capabilities.

Publisure integrates with virtually any internal application.

Publisure provides a simple middleware solution to enable your digital transformation.

Publisure delivers immediate cashable savings


  • Hybrid Mail Automation of desktop print and post
  • Auditability and Compliance Full audit trail for your outbound communications
  • Electronic Signatures Securely Add signatures to documents before submission
  • SMS integration (including DNA strategy for NHS)
  • Secure Email - PIN encrypted email communications
  • Integrated Web Portal - Print, Post, Email, SMS or Publish
  • Detailed Management Information for users, workgroups, departments cost centres
  • Automatic registration and authentication process for Patient communications
  • Simple Middleware solution to digitise your physical communications
  • Full MailMark integration for Document despatch


  • Publisure Generates immediate cashable savings
  • Publisure Provides Increased auditability and compliance for outbound communications
  • Publisure is simple to integrate and deploy across the organisation
  • Publisure automatically digitises your outbound documents for eDelivery
  • Publisure automates and eliminates manual processes for print and post
  • Publisure enables the organisation to implement simple document workflows
  • Publisure provides the ability to track posted documents via MailMark
  • Publisure automatically generates an archive of your outbound integration
  • Publisure integrates with your existing multi channel applications
  • Publisure provides full Management information Reporting


£1 to £250000 per licence

  • Free trial available

Service documents

G-Cloud 10


Service Level Management Ltd

Andrew Percival

01622 320075

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints Publisure integrates with your existing applications. As a simple piece of middleware, Publisure integrates with any application capable of printing. Publisure offers a scalable architecture. Publisure supports Windows, Citrix and Terminal Services environments. Publisure accepts inputs from UNIX environments via 'hot folders' or CUPS integration with the windows print spooler. Where files are being outsourced for external print and fulfillment (Outsourced Hybrid Mail) there is an agreed 'cut off time' for onward submission from the local collection server..
System requirements
  • The Publisure server component requires Windows 2012 or above
  • Publisure clients can be installed in any windows operating environment
  • External firewall changes required if implemented as an outsourced solution
  • Unix Integration via CUPS and Samba share
  • Local Firewall configurations may be required on the Publisure server
  • Publisure Supports Delimited datafiles (CSV) or XML inputs
  • Publisure supports PDF or Postscript Inputs
  • PIF/PAF license required for MailMark

User support

User support
Email or online ticketing support Email or online ticketing
Support response times All tickets are responded to within 4 hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Annual Support and Maintenance is 20% of RRP.

Consultancy is charged at £950 per day

Support is delivered through the Publisure Helpdesk

Levels of support and associated SLAs are determined by the severity of the issue.

Severity Level Acknowledge Resolution Update
Severity 1 30 minutes 1 day As agreed to per incident
Severity 2 60 minutes 2 days Twice daily
Severity 3 4 hours 5 days Daily
Severity 4 4 hours No SLA No SLA

Severity 1 - is usually when the problem is detrimental to the business and is impacting the business directly as a result of Publisure software .

Severity 2 - is usually if a server, network, application, database goes down which is causing a business impact to users and the business.

Severity 3 - Where a bug is raised as part of the support process, Publisure support will liaise with the development team and provide a synopsis of the problem within 2 working days and a proposed timescale for its resolution, within a reasonable time frame.

Severity 4 - Where issues are caused by non Publisure software or environments, some advice will be given and support offered, but with no guarantee of resolution.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started For simple print and post solutions the customer is able to download the print driver from Publisure website.

Once installed and registered the intuitive Publisure print driver interface enables the customer to start using the software almost immediately.

Users are able to access on-line manuals and training documents.

Publisure has a great deal of experience managing successful implementations from inception through to delivery. For larger or more complex requirements, Publisure can provide a complete pre and post sales service.

Publisure offers a managed project management service

We have a proven implementation process to ensure the customer is able to hit the ground running.

For example prior to any implementation of larger Publisure solutions it is important we agree the scope of the project and success criteria.

As part of the engagement process Publisure can provide a detailed on-site analysis of current workflows to capture and agree customer requirements and how they will be delivered by the implementation.

Publisure provides a full suite of installation, configuration and training services to support the deployment and roll out of the solution.

Publisure provides structured training for Users, System Administration, on-going Deployment and 1st line internal support.

We provide onsite and remote training services
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Publisure provides an open framework for data migration.

Data is held in the form of indexed SQL data and associated PDF documents. On end of contract, the documented Publisure APIs enable the customer to extract all data from the Publisure system.

If required Publisure can provide consultancy services to help deliver this 'end of life' service.
End-of-contract process Support of the Publisure interfaces and export APIs is provided as long as there is a valid support and maintenance contract in place.

Over and above the standard data extraction tools, any additional consultancy services would be chargeable

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Opera
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Inputs into the Publisure system require the use of a shared windows print device (or alternatively) the ability to drop a PDF into a 'Hot folder'. These requirements may place some limitations on the use of Mobile devices for submission of documents into the system. However
Users can access the Publisure user interfaces via supported mobile or desktop Browsers .
Accessibility standards None or don’t know
Description of accessibility The Publisure interfaces are currently undergoing validation and development to meet accessibility standards
Accessibility testing Testing with assistive technology is being carried out as part of our ongoing assessment of compatibility standards
What users can and can't do using the API Publisure provides APIs for both inputs and outputs


The basic Publisure API is the use of the Publisure print driver. This enables any application that prints to submit documents into the Publisure system

Additionally Publisure incorporates the use of 'hot folders'

A simple user configuration tool known as ARC is used to create simple business rules to identify and index an organisations printed documents.


Publisure provides a number of pre-configured output APIs

For example, in addition to our own Hybrid Mail service, Publisure can integrate with many other third party Hybrid Mail solutions providing the customer with a non proprietary platform for automating print and post.

Publisure provides a simple scripting language which can be used to create many different forms of output - for example, in addition to our own SMS, secure email and Web Portal applications, the powerful scripting language has been used to create integration with many third party products.

All of the above means that Publisure delivers a powerful middleware tool, digitising your physical communications and ensuring they are output using your preferred Hybrid Mail or Digital delivery platforms
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation User Interface

User have the ability to customise the user interfaces using standard resources such as logos and text. These configurations are managed through a standard configuration interface.

To manage outputs, Publisure is specifically designed to deliver an open platform for your outbound communications.

on Input, Publisure will centralise, normalise, digitise and aggregate your unstructured physical communications.

Because each document is uniquely identified and indexed in the Publisure database, the customer is able to create bespoke routines that determine how outbound documents are managed and communicated.

For example, unlike other Hybrid Mail solutions that only interface with a suppliers own proprietary print and fulfilment workflow, Publisure provides a simple framework that allows the customer to choose which Hybrid Mail suppliers to use. This ensures the customer does not find themselves locked into a single proprietary solution.

In addition to our own SMS, Secure email and Publisure applications, Publisure provides an open framework that seamlessly integrates with third party print and fulfilment workflows (such as Neopost, Pitney Bowes, Kern etc.).

For digital communications, Publisure provides a simple scripting language that allows it to create specific outputsfor third party APIs and applications.


Independence of resources The performance of our cloud based services are continuously monitored

We have a detailed scaling model that allows us to anticipate and pro-actively manage the resources available in the Publisure datacentre.

The architecture and topology used in the datacentre ensures we have the ability to add additional hardware and software resources on demand.


Service usage metrics Yes
Metrics types Publisure provides detailed management information and usage metrics.


Publisure provides MI on an individual document level, including who submitted it, The workgroup or department, cost centre, recipient, status and delivery method.


The Publisure closed looped solution ensures detailed MI is also provided in terms of how the document was processed and delivered

We provide detailed information about whether the document was posted,emailed or Published on-line.

Publisure provides integrated MailMark capabilities for print and post allowing documents to be tracked through Royal Mail.

Publisure also highlights documents that have not been processed within agreed SLAs.
Reporting types
  • API access
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach A simple set of Publisure reports allows the customer to extract metadata (indexed information) from the Publisure database in either CSV or PDF format.
Data export formats
  • CSV
  • Other
Other data export formats PDF
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Publisure is hosted in a secure, fault tolerant (99.95% availability) environment by MemSet.

This is the SLA for the Publisure service
Approach to resilience This Information is available on request
Outage reporting Alerts are generated by the client software if there is an outage in the datacentre.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Where the software is implemented internally, authentication is managed through the customers Active Directory configurations and Group Policies.

If not directly integrated into Active Directory Publisure utilises Username and Password authentication. Passwords have to conform to agreed standards of complexity.

Additionally two step authentication can be implemented requiring the additional use of a security PIN Number.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We have implemented a detailed and robust policy on security governance and are in the final stages of our ISO27001 accreditation
Information security policies and processes As part of our ISO 27001 accreditation we have detailed and documented information security policies - these cover all aspects of information governace

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All hardware and software changes are tracked in accordance with our ISO27001 policies.

In terms of software development we use a structured change management Platform BitBucket. This allows us to incrementally manage the development and evolution of our software platforms at an individual component level.

Each time a new version of the software is released it undergoes an internal security audit followed by a full penetration testing exercise.

All changes need to be authorised by a senior manager
Vulnerability management type Supplier-defined controls
Vulnerability management approach The Publisure architecture and associated technologies have been designed to minimise any potential threat or external vulnerabilities.

We rigorously maintain firewall and anti virus software to ensure we are always up to date with the latest available configurations

We assess potential threats to our service by collating information from a number of different sources - Security partners, Specialised Software partners and infrastructure provides.

We review this information to ensure we are in a position to meet the challenges of this dynamic environment

Patches are deployed as soon as they have been validated, tested and released.
Protective monitoring type Undisclosed
Protective monitoring approach We have a policy of continuous improvement and periodically review our processes for potential threats.

These cover both internal and external services

Every new version of the software that is released and associated changes to the data centre go through a full penetration testing exercise before being made available.

If a potential threat is identified, we assess the vulnerability and prioritise an action plan to address it.

Typically we respond to incidents within a 24 hour period
Incident management type Undisclosed
Incident management approach Any problem identified by the customer is logged with the Publisure Help Desk. The Help desk raise a support ticket and provide an incident number. Publisure agree the Incident severity and engage with the customer to resolve it within agreed SLA's.

The Incident Report process.

For serious incidents, a specific Incident report is raised . Management of an Incident report is the responsibility of a senior manager.

Publisure undertakes a thorough review of the incident, what caused it, and how it was resolved. These findings together with any additional recommendations are documented and agreed with the customer.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks New NHS Network (N3)


Price £1 to £250000 per licence
Discount for educational organisations No
Free trial available Yes
Description of free trial For simple trials Users are able to download a print driver from our web site - Transactional costs are not included (costs of print and post) Larger trials are available based on mutual agreement between Publisure and the customer based on agreed scope and success criteria.


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑