UNIFIEDPOST LIMITED

Unifiedpost Group Hybrid Mail Solution

Unifiedpost Group is a global FinTech providing digital and printed transactional communication and document solutions. Hybrid mail is a cost-efficient alternative to in-house print and post. Accessible anywhere at the touch of a button. Our hybrid mail solution supports the transition to e-documents, multichannel document delivery and remote working practices.

Features

• Instant cost savings via bulk printing and mail consolidation
• Multichannel delivery options via email, SMS, print and post
• Create a library of templates such as letterheads, attachments, inserts
• Same day document dispatch
• Choice of print and document configuration
• User and group access controls
• Optional approval process before each document is sent
• Full audit trail and reporting suite available
• Dedicated project team and account managers
• Remote set-up and installation

Benefits

• No monthly subscription, only pay for what you mail
• No volume commitment
• Reduced mailing and printing costs such as paper, envelopes, ink
• Eliminates the need for in-house print and mail equipment
• Supports remote working and hybrid working businesses
• Consolidated branding using fixed templates such as letterheads
• ISO 9001, 14001, 27001 and 22301 certified
• Cyber Essentials Plus certification
• Regular service review meetings to support continuous improvement

£0.44 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@unifiedpost.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

117519430863017

Contact

Rob Patrick
0161 766 5544
tenders@unifiedpost.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: The platform will work with all commonly used hardware and software platforms.
• System requirements:
  • Buyers can access the system using a web browser
  • A virtual print driver can be installed locally

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have a standard SLA to respond to customer queries within 2 hours when they do not impact the service. However, our Customer Service Team typically respond in a matter of minutes.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: First line support is provided by the UPG Customer Service Team and your dedicated Account Manager.; Second line support is provided by the UPG in-house Development Team, who have extensive knowledge of each customer's solution and the ability to resolve most issues promptly.; Third line support is provided by the Infrastructure Team that manage and maintain the data centres.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: UPG develops a statement of work with each customer to define the system configuration that meets the customer's specific requirements. Nominated users will complete training during a video call or on-site on how to provide documents to be printed and the document management platform. Trainers confirm understanding and user guides are also provided. Further Train the Trainer sessions are completed to give the buyer’s staff the capability to provide new user and refresher training when required.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: UPG will create an export file(s) containing the agreed data. This can be encrypted if required and is typically in csv or xml format.
• End-of-contract process: Client data is either securely destroyed (certificated) or extracted in the agreed client format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Currently the service is the same on both mobile and desktop devices. A specific mobile interface may be developed later.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Users can submit documents to print via the API and users can retrieve documents from our document management system to view in their own systems via the API.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The core application behind the service is a workflow engine that manages automated rule-based processes. UPG will configure the workflow against the agreed requirement and this can include customer selectable options and customer branding.

Scaling

• Independence of resources: Appropriate resources are defined in line with our Business Continuity Strategy and outlined in the Project Plan that is created on a contract basis. This sets out the minimum resources and skill sets required to deliver each individual contract. It also includes contingency requirements to maintain suitably skilled staffing levels in the event that scheduled staff are unable to complete their duties due to sickness or authorised/unauthorised leave is taken.

Analytics

• Service usage metrics: Yes
• Metrics types: UPG has a comprehensive reporting suite to provide detailed Management Information. This allows the buyer to have visibility of all work commissioned at each stage of the processing lifecycle, providing assurance SLAs are being met and the services are running as expected. Information backed up by a comprehensive monthly MI pack and gives clear sight of UPG performance against agreed SLAs. It also includes an issues management log and key volumes analysis to ensure buyer's are using the most cost effective service.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Files can be downloaded directly from the web portal either individually or in bulk.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Word
  • PDF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Our SFTP software is hosted in an off-site, secure cloud environment delivering the strongest levels of encryption of any file transfer client on the market: industry-leading 256-bit AES encryption and FIPS 140-2 validated cryptography secures files during transfers over SSL/FTPS and SSH/SFTP protocols.
• Data protection within supplier network: Other
• Other protection within supplier network: UPGs internal network is physically separate from the system. Customer data on this LAN is not accessible from the Internet.

Availability and resilience

• Guaranteed availability: The availability of our system is 99.95% and includes a full DR capability. Based on this, we agree individual SLAs and service credits with each customer.
• Approach to resilience: The system resides in two geographically separate data centres, one providing DR. All data is copied to the DR site before processing and the two systems are synchronised multiple times each day.
• Outage reporting: We will notify users of planned outages via the web portal and email, together with the reason and impact. Unplanned outages will be notified via email with details of the failure, corrective action and impact.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Each user, or group of users, has a comprehensive set of access controls which limits what can be viewed down to individual documents, and what functions are made available. For example, if a user does not have authority to email a document, then this function is completely missing from their portal screen.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 03/07/2020
• What the ISO/IEC 27001 doesn’t cover: ISO 27001 covers all of UPG's data security activities.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 22301

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: UPG is accredited to ISO 27001 and has instigated policies and procedures to comply with this standard. Regular audits and non-conformance reviews are carried out and reported to the Managing Director.; ; UPG approach security governance in the strongest of manners. We have a Data Protection Officer to ensure we are always up to date with the latest requirements for GDPR and all aspects of data security in our business. We also have a Quality & Compliance Manager to monitor that all processes are being followed, and in line with the ISO accreditations we hold. Internal refresher training is provided and any non-conformances logged and addressed immediately.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes are documented and signed off by all stake holders prior to any work being started. The change is then developed in UPG's separate development/test environment and subject to UAT before being submitted to the change board for approval to promote to production. Version control is applied to the production environment with all changes logged and records kept.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: UPG will apply patches via the change control process promptly. The IT Manager is responsible for the patch process and monitoring potential threats. He achieves the latter in conjunction with the data centre hosting providers who manage IG Soc and N3 secure services.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: • Our internet facing servers sit within a DMZ and are behind firewalls.; • The DZM UTM firewalls automatically perform advanced security filtering across multiple attack vectors (URL, Application, IPS, Zero Day).; • If an issue is flagged a ticket is automatically raised; • This service runs 24\7\365; • Any issue raised is assigned the relevant priority.; • As monitoring is automated, any issues detected immediately raises a ticket.; • Based on the priority that has been assigned the response time\update times would vary in line with the contractually agreed incident management SLA’s:
• Incident management type: Supplier-defined controls
• Incident management approach: The system is managed in accordance with ITIL V3, including the incident management process.; Quarterly reviews between UPG and the data centre hosting services provider review the incident log and verify corrective action.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  UPG has revised its corporate Environment Policy to strengthen its environmental commitments and taken steps to improve the Environmental Management Systems by obtaining ISO 14001. We have also just been audited and successfully re-accredited with ISO 14001, achieve zero non-conformances. ; ; We also acknowledge the Climate Emergency and the importance of reaching Carbon Net Zero as a business. With that in mind it is the businesses aim to be Carbon Net Zero by 2030 and we are currently finalising our Net Zero Carbon Reduction, which will be published on our website shortly.; ; We are increasingly determined to have a positive effect on the environment and to avoid any unintended consequences through its actions and is committed to accelerate and support the wider UK Government in its ambition to become the world’s first Net Zero country.; ; UPG adopt the UN Climate Neutral Now definition of Net Zero as “the state where a balance between anthropogenic greenhouse gas (GHG) emissions and removals is achieved”, by taking the following actions:; ● Measure 100% of the organisation’s GHG emissions; ● Reduce GHG emissions as far as possible; and; ● Offset remaining emissions through projects that remove carbon from the atmosphere in the long term
• Tackling economic inequality:

  Tackling economic inequality

  At UPG we are constantly looking at ways to do more as a business and, along with the currently climate emergency, we understand the importance in supporting communities all over the UK to balance our inequalities in everyday life. That is why we have implemented a number of initiatives that span outside of our own locality and have a reach that can support the needs of any area. This includes, but is not limited to, supporting/mentoring those out of work or young people looking to gain employment, providing tech to the children that need it most to support their education, funding community projects and/or using suppliers from your area.
• Equal opportunity:

  Equal opportunity

  The Company is an equal opportunities employer and is committed to opposing all forms of discrimination in the workplace. We will not tolerate discrimination based upon age, disability, marital status, race, colour, nationality, ethnic origin, religion, sex or sexual orientation and gender. The ; Company will make decisions without reference to discriminatory criteria.

Pricing

• Price: £0.44 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@unifiedpost.com. Tell them what format you need. It will help if you say what assistive technology you use.