Skip to main content

Help us improve the Digital Marketplace - send your feedback

RPOST UK LIMITED

RMail: Email Security, Privacy and Compliance

RMail® harmoniously integrates into any existing security stack, complementing it with enterprise-grade privacy, security, and compliance functionalities. Our flexible deployment options allow organizations to automate feature combinations at the server level, as well as in the inbox, with out-of-the-box integrations for common business tools like Microsoft Outlook, Salesforce, and more.

Features

  • Registered Email™: Tracks and proves communications with a Registered Receipt™.
  • Dynamic Encryption™: Automatically encrypts based on content and recipient capabilities.
  • eSign: Legal document signoff.
  • File Share: Share large files securely up to 1 GB.
  • Eavesdropping AI™: Detects sophisticated cyber-threats, alerts sender, and locks content.
  • Lookalike Domain™ Detector: AI-Infused human-error prevention, identifies email domain trickery.
  • Reply Hijack™ Alerts: Warns against attempts to hijack email replies.
  • RMail Recommends™: AI-infused-DLP suggests RMail features based on message content.

Benefits

  • Security: Enterprise-grade encryption and AI detection ensure robust email protection.
  • Privacy: Dynamic encryption ensures 100% compliance with privacy regulations.
  • Compliance: Court-admissible proof of delivery and content meets legal standards.
  • Efficiency: Streamline workflows with server-level automation and user-friendly features.
  • Protection: Defend against sophisticated cyber threats and human error.
  • Automation: Automate feature deployment at server and inbox levels.
  • Human-Error Prevention: AI-driven email spoofing and reply hijacking risks reduction
  • Ease of Use: Intuitive interface for enhanced productivity and satisfaction.
  • Versatility: Multiple deployment options and flexible feature combinations.
  • Integration: Compatible with popular business tools for seamless integration.

Pricing

£144 a licence a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rpost-uk@rpost.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

7 3 5 5 0 6 4 1 4 4 6 1 6 5 9

Contact

RPOST UK LIMITED Kevin Love-Hughes
Telephone: 0203 078 7620
Email: rpost-uk@rpost.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Email and other digital business services like CRM
Cloud deployment model
Public cloud
Service constraints
The features Lookalike Domain Detector, Reply Hijack Alerts and RMail Recommends, are exclusive to the Microsoft Outlook application.
System requirements
  • Works with Gmail
  • Works with SalesForce
  • Works with any Outlook and Office 365 versions

User support

Email or online ticketing support
Email or online ticketing
Support response times
Various support plans are available.

On basic plan response times are different at weekends but can be tailored to suit.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
(1) Plan pricing is a percent of the service order with minimums: a) *Premium: The greater of (a) 10% of total service order or (b) 25/month or 250/year if pre-paid b) *Platinum: The greater of (a) 15% of total service order or (b) 50/month or 500/year if pre-paid c) *Enterprise: The greater of (a) 20% of total service order or (b) 250/month or 2500/year if pre-paid (2) Included Live Phone/Live Remote Access aggregate instances per month: Premium: 2, Platinum: 3, Enterprise 3. (3) Eligible for enhancement, each enhancement has an additional cost. (4) Included Registered Receipt™ E-Delivery Investigative Support instances per month: Platinum: 2, Enterprise: 3. Full Support plan information available on request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
By providing training and documentation on the Onboarding Portal.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
RPost does not permanently store user data
End-of-contract process
RPost can terminate the service as requested and as we dont store user data there are normally no further activities required.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Yes
Compatible operating systems
  • MacOS
  • Windows
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
User friendly UI that allows access to features
Accessibility standards
WCAG 2.1 A
Accessibility testing
None but meets standards
API
Yes
What users can and can't do using the API
All features available by API except

Licence allocation
Usage Reporting
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Features can be selected as desired, and other services can be added such as branding. Mixture of user enable customisation and supplier only customisation. Organizations can deploy in the inbox with plug-and-play apps for common business tools (Salesforce, Outlook, Gmail, and more), integrate into their custom workflows, automate with RMail Cloud Security Gateway, and more deployment options.

Scaling

Independence of resources
Use of a scaleable and highly redundant failover architecture on AWS.

Analytics

Service usage metrics
Yes
Metrics types
Through the RPortal users and administrators can monitor their usage and pull reports including historical.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data is not permanently stored.
Data export formats
Other
Data import formats
Other
Other data import formats
Not Applicable

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
https://rpost.com/legal-notices/service-level-agreement
Approach to resilience
https://rpost.com/legal-notices/service-level-agreement.
Information available on request
Outage reporting
Email Alerts

Identity and authentication

User authentication needed
Yes
User authentication
Other
Other user authentication
Via Email Suffix
Access restrictions in management interfaces and support channels
Registered Users
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • ISO9001, ISO27001, ISO27017 ISO27018 via AWS
  • RPost systems conform to the NIST 800-171

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
RPost has policies, procedures, and infrastructure to protect the physical security of its business offices and development lab. RPost infrastructure that operates the RMail services is an Amazon AWS infrastructure that carries an ISO 27001 Certificate and SOC2 Report. AWS operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. Access to any of these reports can be provided if required.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
RPost maintains a change management process to ensure that all changes made to the production environment are applied in a deliberate manner. Changes to information systems, network devices, and other system components, and physical and environment changes are monitored and controlled through a formal change control process. Changes are reviewed, approved, tested and monitored post-implementation to ensure that the expected changes are operating as intended.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Security assessments shall be undertaken on a regular basis to identify vulnerabilities and to determine the effectiveness of patch management programs.
The CTO will remain up to date with announced system security issues as they are made public. Each vulnerability will be reviewed to determine if it is applicable, ranked based on risk, and assigned to the appropriate team for remediation.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Please refer to sections (II)(3) to (II)(7) of RPost SLA (https://RPost.com/legal-notices/service-level-agreement) for details about incident reporting, support, incident severity levels and escalation.
RPost handles threat management as part of the SDLC process and every change introduced to the system. Please refer to RPost SDLC threat handling.pdf for more information.
Infrastructure monitoring – as stated in the document “RPost Incident Response Plan - Confidential.pdf” , AWS servers are continuously monitored with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.html) which transmits alarms and alerts to members of the Performance Monitoring Team. The performance monitor system determines the responsivity of each of these services every 5-10 minutes.
Incident management type
Supplier-defined controls
Incident management approach
Please refer to sections (II)(3) to (II)(7) of RPost SLA (https://RPost.com/legal-notices/service-level-agreement) for details about incident reporting, support, incident severity levels and escalation. For more information about RPost incident management processes, refer to the document “RPost Incident Response Plan - Confidential.pdf”.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

RPost are challenging the world of employment to move to a 'paperless office'. We understand the need to fight climate change globally and our products support this mission. Our products encourage people to transact digitally rather than by physical mail. RMail and RSign both include a Registered Receipt that can act as legal proof of delivery omitting the requirement to use post.

Covid-19 recovery

RPost offers flexible Work from Home Policy to all employees globally in order to combat Covid-19 recovery.

Tackling economic inequality

RPost have preferential price points for startup business' and organisations within the public sector

Equal opportunity

RPost is a global equal opportunities employer. We aim to meet and welcome diversity, inclusion and equality best practices wherever possible at a global level

Wellbeing

RPost advocates wellbeing in the workplace. We encourage regular in person and online meetings where employees can get together both in a team or individual setting

Pricing

Price
£144 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Up to 5 units per month for all Rmail features ongoing
Link to free trial
Www.rmail.com

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rpost-uk@rpost.com. Tell them what format you need. It will help if you say what assistive technology you use.