RPOST UK LIMITED

RMail Registered Email, Email Encryption, Esignatures, File Transfer

RMail provides legal proof of email delivery, email encryption, encrypted reply, e-sign simple electronic signature, file share of mails up to 1 GB, email redaction, legal proof of email sent, email authentication by recipient and sender. No requirement for a portal to be used. RMail utilises direct delivery.

Features

  • Registered Email, Secure
  • Email Tracking
  • Email Encryption and Registered Encryption
  • Electronic Signatures
  • Prevention of Email to wrong recipient
  • Secure email File Share up to 1GB
  • Registered Email Encryption with authenticable tamperproof receipt
  • Digital Seal proof of email sender
  • Legal proof of email delivery

Benefits

  • Patented Registered Email with legal proof of delivery
  • Largemail secure file sharing up to 1Gb
  • End to End email encryption with selected email encryption standard
  • Simple user friendly Outlook/ Gmail add-in to deliver these features
  • Easily integrates with Rest API's
  • Build all features into your business applications
  • Quick configuration to specific features desired

Pricing

£144 a licence a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rpost-uk@rpost.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

2 5 6 2 7 2 2 9 2 4 4 3 7 5 9

Contact

RPOST UK LIMITED Daniel McQuail
Telephone: 02036333505
Email: rpost-uk@rpost.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Email and other digital business services like CRM
Cloud deployment model
Public cloud
Service constraints
Some of the features arent currently supported on Apple devices
System requirements
  • Works with Gmail
  • Works with SalesForce
  • Works with any Outlook and Office 365 versions

User support

Email or online ticketing support
Email or online ticketing
Support response times
Various support plans are available.

On basic plan response times are different at weekends but can be tailored to suit.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
(1) Plan pricing is a percent of the service order with minimums: a) *Premium: The greater of (a) 10% of total service order or (b) 25/month or 250/year if pre-paid b) *Platinum: The greater of (a) 15% of total service order or (b) 50/month or 500/year if pre-paid c) *Enterprise: The greater of (a) 20% of total service order or (b) 250/month or 2500/year if pre-paid (2) Included Live Phone/Live Remote Access aggregate instances per month: Premium: 2, Platinum: 3, Enterprise 3. (3) Eligible for enhancement, each enhancement has an additional cost. (4) Included Registered Receipt™ E-Delivery Investigative Support instances per month: Platinum: 2, Enterprise: 3. Full Support plan information available on request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
By providing training and documentation on the Onboarding Portal.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
RPost does not permanently store user data
End-of-contract process
RPost can terminate the service as requested and as we dont store user data there are normally no further activities required.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Yes
Compatible operating systems
  • MacOS
  • Windows
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
User friendly UI that allows access to features
Accessibility standards
WCAG 2.1 A
Accessibility testing
None but meets standards
API
Yes
What users can and can't do using the API
All features available by API except

Licence allocation
Usage Reporting
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Features can be selected as desired, and other services can be added such as branding. Mixture of user enable customisation and supplier only customisation

Scaling

Independence of resources
Use of a scaleable and highly redundant failover architecture on AWS.

Analytics

Service usage metrics
Yes
Metrics types
Through the RPortal users and administrators can monitor their usage and pull reports including historical.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data is not permanently stored.
Data export formats
Other
Data import formats
Other
Other data import formats
Not Applicable

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
https://rpost.com/legal-notices/service-level-agreement
Approach to resilience
https://rpost.com/legal-notices/service-level-agreement.
Information available on request
Outage reporting
Email Alerts

Identity and authentication

User authentication needed
Yes
User authentication
Other
Other user authentication
Via Email Suffix
Access restrictions in management interfaces and support channels
Registered Users
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO9001, ISO27001, ISO27017 ISO27018 via AWS
  • RPost systems conform to the NIST 800-171

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
RPost has policies, procedures, and infrastructure to protect the physical security of its business offices and development lab. RPost infrastructure that operates the RMail services is an Amazon AWS infrastructure that carries an ISO 27001 Certificate and SOC2 Report. AWS operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. Access to any of these reports can be provided if required.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
RPost maintains a change management process to ensure that all changes made to the production environment are applied in a deliberate manner. Changes to information systems, network devices, and other system components, and physical and environment changes are monitored and controlled through a formal change control process. Changes are reviewed, approved, tested and monitored post-implementation to ensure that the expected changes are operating as intended.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Security assessments shall be undertaken on a regular basis to identify vulnerabilities and to determine the effectiveness of patch management programs.
The CTO will remain up to date with announced system security issues as they are made public. Each vulnerability will be reviewed to determine if it is applicable, ranked based on risk, and assigned to the appropriate team for remediation.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Please refer to sections (II)(3) to (II)(7) of RPost SLA (https://RPost.com/legal-notices/service-level-agreement) for details about incident reporting, support, incident severity levels and escalation.
RPost handles threat management as part of the SDLC process and every change introduced to the system. Please refer to RPost SDLC threat handling.pdf for more information.
Infrastructure monitoring – as stated in the document “RPost Incident Response Plan - Confidential.pdf” , AWS servers are continuously monitored with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html) which transmits alarms and alerts to members of the Performance Monitoring Team. The performance monitor system determines the responsivity of each of these services every 5-10 minutes.
Incident management type
Supplier-defined controls
Incident management approach
Please refer to sections (II)(3) to (II)(7) of RPost SLA (https://RPost.com/legal-notices/service-level-agreement) for details about incident reporting, support, incident severity levels and escalation. For more information about RPost incident management processes, refer to the document “RPost Incident Response Plan - Confidential.pdf”.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Equal opportunity

Equal opportunity

RPost UK Ltd is providing employment opportunities to apprentices though a government approved training scheme (ITTSA it technical sales apprenticeship)

Pricing

Price
£144 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Up to 5 units per month for all Rmail features ongoing
Link to free trial
Www.rmail.com

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rpost-uk@rpost.com. Tell them what format you need. It will help if you say what assistive technology you use.