Adare SEC Limited

Hybrid Mail (PrintMe)

PrintMe, Hybrid Mail platform enables clients to centralise the production of their day-to-day, customer communications. Users create their document templates, select the virtual Print Driver, choose from configurable print options, such as envelope size, postage tariff, onserts, and attachments, and send to Adare SEC for processing, production, and multi-channel delivery.

Features

• Configurable: enabling features to simplify execution of customer communications.
• Onserts: white-paper production eliminating the purchase, storage of stationery.
• Audit trail: maintained of all documents submitted centrally.
• Permissions: rules & permission (User, Manager, Administrator) based access.
• User experience: intuitive platform that is easy to use.
• Modern interface: simple, aesthetic, and easy to navigate.
• Fully supported: defined SLA for change management / issue resolution.
• MI: Advanced Reporting tool for accessing granular, self-serve MI.
• Resilience: secure, resilient, and scalable platform.
• Security: Microsoft Azure (UK) platform, including Single Sign-On

Benefits

• Simplification: eliminating need to print documents on a printer.
• Sustainable: communications mailed in 100% recyclable, biodegradable envelopes.
• Increased quality: increase consistency, reduce manual errors, improve quality.
• Cost savings: consolidated production run and AdarePost postage optimisation solution.
• Enhanced agility: submit documents day 1 delivered day 3-4.
• Resource mitigation: save time, resources enabling delivery of objectives.

£0.67 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@adaresec.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

473173913020460

Contact

Ella Ward
01484863411
bidteam@adaresec.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are no constraints that you need to be aware of. We have created a comprehensive Print Driver Installation Guide to support with the product installation and a User Guide to show users how to navigate the system end-to-end. Provided these instructions are followed, then the product is simple to install and easy to use.
• System requirements:
  • Open Port 35 default printer port on firewall required
  • Firewall allows secure encrypted SSL traffic over port 35
  • Port 443 open both for both inbound and outbound
  • Driver has the ability to work with proxy server
  • 32 and 64 bit versions available .EXE and .MSI versions

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Acknowledgement of the request will be provided within 4 hours, with queries resolved within 0 -12 hours (high priority), 72 hours (medium priority), and 120 hours (low priority).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Acknowledgement of the request will be provided within 4 hours of receipt, with queries resolved within:; • 0 -12 hours (high priority), ; • 72 hours (medium priority); • 120 hours (low priority).; We provide offsite, remote support. ; Onsite account management support is provided included FOC.; We prefer queries to be provided in writing for audit trail purposes to printme.support@adaresec.com for technical support queries such as you cant log in, you cant install the print driver or you need to report a defect.; Operational queries such as pack queries, product questions or change requests are channeled through account management.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide users with the following documentation to help them start using the service:; ; Marketing Collateral:; ; • Explainer Video.; • Info Sheet.; • Overview Presentation, including Implementation Plan.; • Feature Summary.; • Implementation Checklist.; • Clear Zones document to support template creation. ; ; Technical Documents:; ; • User Guide.; • Print Driver Installation Guide.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Powerpoint
  • MP4
• End-of-contract data extraction: PrintMe has a standard retention period of 30 days. Therefore, transient data and documents used for production will be deleted after 30 days as per our standard Data Retention Policy.
• End-of-contract process: We will provide clients with a detailed De-implementation Plan and an Exit Schedule will be included in any client contract.; This will be dependent on the client scope and requirements but largely it is not an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Console is responsive and works on different screen sizes, although is not specifically designed for mobile devices. However, users will not typically be generating documents (customer correspondence) from these devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The main service interface is the Console, which is used to: access MI for the previous 90 days, check submissions have been submitted successfully, identify any issues with submissions where they have been held, or failed, access the user management functionality to set up users and re-set passwords, view each submissions for the previous 30 days, and search for submissions.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: To-date, we've not completed any interface testing with any users of assistive technology. This is primarily because we've not been requested to do this by any of our clients.
• API: No
• Customisation available: Yes
• Description of customisation: We provide our clients with a standard product, comprising of: key functionality, marketing collateral, technical user documents, MI, invoicing, and a full support wrapper. However, there are a number of configurable options available when creating documents, such as selecting single pack, or mail-merge document, letterhead stationery, envelope size, postage tariff, adding onserts, uploading attachments, and delaying submission dates. There are also other things that can be configured such as: automated document commands called "OPT Codes", search options, reporting filtering, and user management administration. There are also other things that can be customisable such as: automated document commands called "OPT Codes", search options, reporting filtering, and user management administration.

Scaling

• Independence of resources: The system has recently moved away from Cloud Compute to a model based on Kubernetes and Containers, which utilises the Azure Kubernetes service. The solution runs on Azure Virtual Machine Scale Sets, which are grouped into Fault and Update groups in the same way as Cloud Compute instances. This mitigates the risk of other users placing demand on the service and future-proof our service.

Analytics

• Service usage metrics: Yes
• Metrics types: The Advanced Reporting functionality provides clients with a record of every pack submitted from the previous 90 days in a grid view, enabling you to filter by user and date range for number of packs, sheets, sides, and inserts (where applicable). The reporting will help with invoicing reconciliation and give you a more granular, relevant breakdown of activity profile.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: H-POD software from Paperpost underpins our product

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export data from the Advanced Reporting in Excel or CSV format.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We operate in accordance with a Service Uptime SLA of 99%. ; ; This is dependent on the underlying availability within the Microsoft Azure hosting environment, though.
• Approach to resilience: • The platform has multiple elements providing cover for all functions. At least three copies of all data is held at all times including database data.; • Our RTO is 24 – 72 hours, a copy of each document stored in a paired data centre. We upgraded from our “R0” standard BCP to our enhanced “R1” BCP on 01/02/22 to reduce the RTO from 72 – 120 hours to 24 – 72 hours. ; • Databases can be restored to any point in time over the preceding 35 days.; • extremely resilient solution within an individual Microsoft Azure data centre environment. ; • The Cloud Compute service is used to provide virtual instances of the Web and Worker roles within the solution.; • BLOB storage is used to store documents, inserts, stationery, and export files. As standard, this is stored at least 3 times in the data centre in which the instance runs. The corresponding SLA with BLOB for this is 99.99%.; • Azure SQL provides 99.995% availability together with the ability to restore data to any point in time over the preceding 35 days. These are held on backups within the data centre in which the instance runs.
• Outage reporting: Outages are communicated formally to clients using a "IT Network Outage" template, which details the issue and who is affected. A follow up e-mail is then provided detailing when the issue was resolved and any corrective action that needs to be implemented. (email alerts)

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: OpenID Connect: When a user connects, they are bounced to the authentication server and return with a token and “claims” which include the profile data. If user is found, they will be able to use the tool, manage documents in the console and submit packs. If not, group membership GUIDs are checked against those held in system, if both match, the user is created in appropriate account with appropriate user type.; ; This is automatic and involves no user action.; ; We are also able to use Single Sign-On or Basic Authentication using username and password.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Assurance UK Limited
• ISO/IEC 27001 accreditation date: 20/12/2005 originally and certificate expires 15/02/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • PCI Data SEcurtiy standard 3 Tier One
  • C&CCC - cheque printer accreditation scheme (CPAS)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We operate in accordance with the following security policies:; • Privacy Policy Statement. ; • E-mail Internet Acceptable Usage Policy.; • Cyber Security Awareness Policy.; • Integrated Management System Policy.; • Security Breach and Incident Policy.; • Data Protection and GDPR Policy.; • GDPR compliance statement.; We hold ISO 27001, PCI data security standard 3, Data Protection Act registered as a data controller with ICO and C&CC cheque printer accreditation scheme. ; We have strict employment policies in place with security vetting carried out to DBC check level 1. ; Information and security governance is built into all procedures with the systems design, maintenance, and development. All system changes automatically trigger review for their impact on both Security and Information Governance. Legal changes are reviewed annually to assess their impact on security and governance as are changes made by relevant bodies – e.g. OWASP Top Ten.; We have a compliance team ultimately responsible who report directly to the board. ; Training is provided to all starters on Information security and is also refreshed every 12 months via a training platform called KnowB4

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Tracked through Service Desk and raised on Paperpost ZenDesk system. Changes in configuration are completed within the ZenDesk system and Service Desk. ; ; Changes requiring a change to the code are raised within Jira development management system. New features and functionality requests are raised to Aha! feature tracking system. Approved features are passed from Aha! to Jira directly. ; ; A release is scoped, work is carried out, release testing then takes place. The release is placed on staging system and tested, documented and delivered to clients either collectively or client-by client. Upgrades are scheduled.; ; Protective monitoring: Azure portal used to monitor systems
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Protective monitoring: We use the Azure Portal to monitor all systems. Alerts are delivered against any unexpected or unusual activity which are in turn investigated by our support staff and any necessary actions carried out.; ; Patches can be deployed easily and quickly when there is a bug or vulnerability, although we havent needed to do this to date. ; ; Monitoring threats is ongoing and constant. For example, we have recently completed an IP whitelisting excercise for one of our other products that was raised as part of a Penetration Test completed by a third-party and organised by our Information Security Manager.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring:; ; We use the Azure Portal to monitor all systems. Alerts are delivered against any unexpected or unusual activity which are in turn investigated by our support staff and any necessary actions carried out. This is a proactive approach that we use to identify any compromises, as well as utilising our Information Security Manager to identify any threats, ensure we mitigate risk, maintain security standards, and stay abreast of the latest industry developments.
• Incident management type: Supplier-defined controls
• Incident management approach: All faults and incidents are tracked through our Service Desk and then raised on the Paperpost ZenDesk system. These incidents are then tracked and analysed. Incidents that can be fixed through changes in configuration are completed within the ZenDesk system and our Service Desk.; ; We have an Incident Prioritisation Procedure which applies to any incident identified within the organisation. It mandates reporting and escalation and provides classification for an incident. It also mandates how an incident is responded to with templates available and personnel responsible. We provide investigation reports once an incident has been resolved. Examples are available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed to achieving NetZero by 2050. ; In June 2023 we maintained our EcoVadis GOLD medal rating .; ; Our environmental statistics are below:; • 66% reduction in total energy consumption vs 2019 baseline; • 100% of our electricity now comes from renewable sources; • 66% reduction in overall energy consumption since 2019; • 15% decrease in water consumption over the past 12 months; ; We hold ISO 14001 Environmental Management System. We also hold the Chain of Custody Certification for FSC and PEFC . We have formed a partnership with the Woodland Trust and are able to offer sustainable services to our clients on request. Our strategy articulates a series of protocols, processes and tools across the business, to enable us to ‘conduct business ethically, effectively and efficiently for the benefit of the business, colleagues, partners, clients and local and global communities’. Accordingly we have aligned our strategy with the UN’S 17 Sustainable Development Goals and we have joined the UN’s Race to Zero initiative through Science Based Targets (SBTi), committing to a 70% reduction* in direct, indirect and supply chain (Scope 1, 2 & 3) GHG Emissions by 2030. We will not consider carbon offset schemes as contribution to this target and it will constitute only meaningful reductions in GHG emissions.; we have implemented a range of augmented initiatives which are contributing to our ongoing sustainable vision and carbon reduction target. ; Measured through Carbon Quota, an external carbon specialist, our Scope 1, 2 and 3 emissions are monitored and verified on an annual basis. Last year we reduced our Co2 emissions by 3%, demonstrating a 66% reduction against 2019 baseline meaning we achieved our SBTi objective ahead of target.; ; To reduce our emissions we implement both technical and behavioural options and we continually review the effectiveness of implemented solutions.

  Equal opportunity

  The Company is committed to encouraging equality, diversity, and inclusion among our workforce, and eliminating unlawful ; discrimination. The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best.; We will: ; - Encourage equality, diversity, and inclusion in the workplace as they are good practice and make business sense.; - Create a working environment free of bullying, harassment, victimisation, and unlawful discrimination, promoting dignity and respect for all, and where individual differences and the ; contributions of all staff are recognised and valued. ; - Train managers and all other employees about their rights and responsibilities under the equality, diversity, and inclusion policy. Responsibilities include staff conducting themselves to help the ; organisation provide equal opportunities in employment, and prevent bullying, harassment, victimisation, and unlawful discrimination.; - Ensure staff understand that, as well as their employer, they can be held liable for acts of bullying, harassment, victimisation and unlawful discrimination, in the course of their employment, ; against fellow employees, customers, suppliers and the public.; - Take complaints of bullying, harassment, victimisation and unlawful discrimination by fellow employees, customers, suppliers, visitors, the public and any others during the organisation’s ; work activities seriously.; - Provide services to which all clients are entitled regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy or maternity, race, religion or belief, sex ; or sexual orientation, offending past, caring responsibilities, or social class.; - Make sure our services are delivered equally and meet the diverse needs of our service users and clients by assessing and meeting the diverse needs of our clients.; - clear procedures that enable our clients, candidates and employees to raise a grievance or make a complaint if they feel they have been unfairly treated.

  Wellbeing

  We work hard to ensure we are a company that people choose to work for and choose to stay working for. We employ many different methods to ensure we are an employer of choice and our HR department is led by Employee Engagement personnel and recruitment specialists who have developed a well round employee engagement strategy that includes, but is not limited to:; • Opportunities for career progression / sponsorship in professional qualifications. In the last 3 years, 56 employees have completed an apprenticeship scheme. We currently have 19 apprentice roles as part of our annual apprenticeship program. ; • Our Adare SEC spirit values awards which enables anyone in the company to nominate any other colleague for an award which provides £50 gift card and an extra days’ holiday and is awarded bi-monthly. This is based on our Adare SEC spirit and includes the values of customer first, collaborative, sustainable, communicative, continuously improving, people focused, quality and authentic.; • Bonus and commission schemes available according to job role.; • We have an Assistance programme (EAP) and Well Being platform which is available to all employees. Our EAP service provides access to My Health Advantage which allows all of our employees to benefit from various resources such as webinars, health checks, on-line counselling and a range of 4 week programmes which people can download to help and support them through various topics relevant to the individual. ; • In 2023 our Executive Board approved a cost of living supplement to support employees who were most affected by the cost of living crisis. The scheme benefitted 60% of the workforce.; • We offer a day a year to all employees to take off work in order to volunteer for a charity of their choice.

Pricing

• Price: £0.67 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@adaresec.com. Tell them what format you need. It will help if you say what assistive technology you use.