Adare SEC Limited

Hybrid Mail (PrintMe)

PrintMe, Hybrid Mail platform enables clients to create letter templates, choose from configurable print options i.e. envelope size & postage tariff, select a Print Driver, and send to Adare SEC for secure production, fulfilment, and postage. Enabling the sending of ad-hoc, day-to-day communications whilst avoiding the need to print locally.

Features

• Configurable: enabling features to simplify execution of customer communications.
• Onserts: white-paper production eliminating the purchase, storage of stationery.
• Audit trail: maintained of all documents submitted centrally.
• Permissions: rules & permission (User, Manager, Administrator) based access.
• User experience: intuitive platform that is easy to use.
• Modern interface: simple, aesthetic, and easy to navigate.
• Fully supported: defined SLA for change management / issue resolution.
• MI: Advanced Reporting tool for accessing granular, self-serve MI.
• Resilience: secure, resilient, and scalable platform.
• Security: Microsoft Azure (UK) platform, including Single Sign-On

Benefits

• Simplification: eliminating need to print documents on a printer.
• Sustainable: communications mailed in 100% recyclable, biodegradable envelopes.
• Increased quality: increase consistency, reduce manual errors, improve quality.
• Cost savings: consolidated production run and AdarePost postage optimisation solution.
• Enhanced agility: submit documents day 1 delivered day 3-4.
• Resource mitigation: save time, resources enabling delivery of objectives.

£0.43 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@adaresec.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

749158544424392

Contact

Ella Ward
01484863411
bidteam@adaresec.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are no constraints that you need to be aware of. We have created a comprehensive Print Driver Installation Guide to support with the product installation and a User Guide to show users how to navigate the system end-to-end. Provided these instructions are followed, then the product is simple to install and easy to use.
• System requirements:
  • Open Port 35 default printer port on firewall required
  • Firewall allows secure encrypted SSL traffic over port 35
  • Port 443 open both for both inbound and outbound
  • Driver has the ability to work with proxy server
  • 32 and 64 bit versions available .EXE and .MSI versions

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Acknowledgement of the request will be provided within 4 hours, with queries resolved within 0 -12 hours (high priority), 72 hours (medium priority), and 120 hours (low priority).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Acknowledgement of the request will be provided within 4 hours of receipt, with queries resolved within:; • 0 -12 hours (high priority), ; • 72 hours (medium priority); • 120 hours (low priority).; We provide offsite, remote support. ; Onsite account management support is provided included FOC.; We prefer queries to be provided in writing for audit trail purposes to printme.support@adaresec.com for technical support queries such as you cant log in, you cant install the print driver or you need to report a defect.; Operational queries such as pack queries, product questions or change requests are channeled through account management.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide users with the following documentation to help them start using the service:; ; Marketing Collateral:; ; • Explainer Video.; • Info Sheet.; • Overview Presentation, including Implementation Plan.; • Feature Summary.; • Implementation Checklist.; • Clear Zones document to support template creation. ; ; Technical Documents:; ; • User Guide.; • Print Driver Installation Guide.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Powerpoint
  • MP4
• End-of-contract data extraction: PrintMe has a standard retention period of 30 days. Therefore, transient data and documents used for production will be deleted after 30 days as per our standard Data Retention Policy.
• End-of-contract process: We will provide clients with a detailed De-implementation Plan and an Exit Schedule will be included in any client contract.; This will be dependent on the client scope and requirements but largely it is not an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Console is responsive and works on different screen sizes, although is not specifically designed for mobile devices. However, users will not typically be generating documents (customer correspondence) from these devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The main service interface is the Console, which is used to: access MI for the previous 90 days, check submissions have been submitted successfully, identify any issues with submissions where they have been held, or failed, access the user management functionality to set up users and re-set passwords, view each submissions for the previous 30 days, and search for submissions.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: To-date, we've not completed any interface testing with any users of assistive technology. This is primarily because we've not been requested to do this by any of our clients.
• API: No
• Customisation available: Yes
• Description of customisation: We provide our clients with a standard product, comprising of: key functionality, marketing collateral, technical user documents, MI, invoicing, and a full support wrapper. However, there are a number of configurable options available when creating documents, such as selecting single pack, or mail-merge document, letterhead stationery, envelope size, postage tariff, adding onserts, uploading attachments, and delaying submission dates. There are also other things that can be configured such as: automated document commands called "OPT Codes", search options, reporting filtering, and user management administration. There are also other things that can be customisable such as: automated document commands called "OPT Codes", search options, reporting filtering, and user management administration.

Scaling

• Independence of resources: The system is currently moving away from Cloud Compute to a model based on Kubernetes and Containers, which will utilise the Azure Kubernetes service. The solution runs on Azure Virtual Machine Scale Sets, which are grouped into Fault and Update groups in the same way as Cloud Compute instances. This will mitigate the risk of other users placing demand on the service and future-proof our service.

Analytics

• Service usage metrics: Yes
• Metrics types: The Advanced Reporting functionality provides clients with a record of every pack submitted from the previous 90 days in a grid view, enabling you to filter by user and date range for number of packs, sheets, sides, and inserts (where applicable). The reporting will help with invoicing reconciliation and give you a more granular, relevant breakdown of activity profile.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: H-POD software from Paperpost underpins our product

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export data from the Advanced Reporting in Excel or CSV format.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We operate in accordance with a Service Uptime SLA of 99%. ; ; This is dependent on the underlying availability within the Microsoft Azure hosting environment, though.
• Approach to resilience: • The platform has multiple elements providing cover for all functions. At least three copies of all data is held at all times including database data.; • Our RTO is 24 – 72 hours, a copy of each document stored in a paired data centre. We upgraded from our “R0” standard BCP to our enhanced “R1” BCP on 01/02/22 to reduce the RTO from 72 – 120 hours to 24 – 72 hours. ; • Databases can be restored to any point in time over the preceding 35 days.; • extremely resilient solution within an individual Microsoft Azure data centre environment. ; • The Cloud Compute service is used to provide virtual instances of the Web and Worker roles within the solution.; • BLOB storage is used to store documents, inserts, stationery, and export files. As standard, this is stored at least 3 times in the data centre in which the instance runs. The corresponding SLA with BLOB for this is 99.99%.; • Azure SQL provides 99.995% availability together with the ability to restore data to any point in time over the preceding 35 days. These are held on backups within the data centre in which the instance runs.
• Outage reporting: Outages are communicated formally to clients using a "IT Network Outage" template, which details the issue and who is affected. A follow up e-mail is then provided detailing when the issue was resolved and any corrective action that needs to be implemented. (email alerts)

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: OpenID Connect: When a user connects, they are bounced to the authentication server and return with a token and “claims” which include the profile data. If user is found, they will be able to use the tool, manage documents in the console and submit packs. If not, group membership GUIDs are checked against those held in system, if both match, the user is created in appropriate account with appropriate user type.; ; This is automatic and involves no user action.; ; We are also able to use Single Sign-On or Basic Authentication using username and password.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Assurance UK Limited
• ISO/IEC 27001 accreditation date: 20/12/2005 originally and certificate expires 15/02/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • PCI Data SEcurtiy standard 3 Tier One
  • C&CCC - cheque printer accreditation scheme (CPAS)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We operate in accordance with the following security policies:; • Privacy Policy Statement. ; • E-mail Internet Acceptable Usage Policy.; • Cyber Security Awareness Policy.; • Integrated Management System Policy.; • Security Breach and Incident Policy.; • Data Protection and GDPR Policy.; • GDPR compliance statement.; We hold ISO 27001, PCI data security standard 3, Data Protection Act registered as a data controller with ICO and C&CC cheque printer accreditation scheme. ; We have strict employment policies in place with security vetting carried out to DBC check level 1. ; Information and security governance is built into all procedures with the systems design, maintenance, and development. All system changes automatically trigger review for their impact on both Security and Information Governance. Legal changes are reviewed annually to assess their impact on security and governance as are changes made by relevant bodies – e.g. OWASP Top Ten.; We have a compliance team ultimately responsible who report directly to the board. ; Training is provided to all starters on Information security and is also refreshed every 12 months via a training platform called KnowB4

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Tracked through Service Desk and raised on Paperpost ZenDesk system. Changes in configuration are completed within the ZenDesk system and Service Desk. ; ; Changes requiring a change to the code are raised within Jira development management system. New features and functionality requests are raised to Aha! feature tracking system. Approved features are passed from Aha! to Jira directly. ; ; A release is scoped, work is carried out, release testing then takes place. The release is placed on staging system and tested, documented and delivered to clients either collectively or client-by client. Upgrades are scheduled.; ; Protective monitoring: Azure portal used to monitor systems
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Protective monitoring: We use the Azure Portal to monitor all systems. Alerts are delivered against any unexpected or unusual activity which are in turn investigated by our support staff and any necessary actions carried out.; ; Patches can be deployed easily and quickly when there is a bug or vulnerability, although we havent needed to do this to date. ; ; Monitoring threats is ongoing and constant. For example, we have recently completed an IP whitelisting excercise for one of our other products that was raised as part of a Penetration Test completed by a third-party and organised by our Information Security Manager.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring:; ; We use the Azure Portal to monitor all systems. Alerts are delivered against any unexpected or unusual activity which are in turn investigated by our support staff and any necessary actions carried out. This is a proactive approach that we use to identify any compromises, as well as utilising our Information Security Manager to identify any threats, ensure we mitigate risk, maintain security standards, and stay abreast of the latest industry developments.
• Incident management type: Supplier-defined controls
• Incident management approach: All faults and incidents are tracked through our Service Desk and then raised on the Paperpost ZenDesk system. These incidents are then tracked and analysed. Incidents that can be fixed through changes in configuration are completed within the ZenDesk system and our Service Desk.; ; We have an Incident Prioritisation Procedure which applies to any incident identified within the organisation. It mandates reporting and escalation and provides classification for an incident. It also mandates how an incident is responded to with templates available and personnel responsible. We provide investigation reports once an incident has been resolved. Examples are available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Over the past number of years we have implemented a range of augmented initiatives which are contributing to our ongoing sustainable vision and carbon reduction target. Across our sites we have installed LED lighting, an upgrade which allows us to consume considerably less energy and produce less waste in the process. Our reduced energy consumption target has also benefitted from the upgrade of highly efficient warehouse equipment, with some replacements saving as much as 80% energy efficiency as overall solutions.; ; In 2019 Adare SEC became the first UK communications company to commit to using 100% recyclable envelopes and also moved energy suppliers to a provider that supplies 100% renewable energy. Additionally, improvements were made the year after to our water management system which allowed us to save on transportation and container requirements.; ; In 2021 the introduction of our electric vehicle scheme gave employees affordable access to greener private vehicle option and also contributed to our overall carbon footprint reduction.; ; Measure through Carbon Quota, our Scope 1 and Scope 2 emissions are monitored and verified on an annual basis. Our Scope 3 emissions are also captured and analysed. The above initiatives are all integral to us maintaining our ISO14001 accreditations.; ; In 2022 we submitted science-based target setting to the Science Based Targets initiative's call to action and these have now been confirmed. Our targets are recognised on the SBTi website. ; ; Our statistics:; - 34% reduction in market based carbon emissions since 2019; - 100% electricity comes from renewable sources; - 30% reduction in energy consumption since 2019; - 30% decrease in water consumption over the past 12 months; - Top 25% of sustainable business as rated by Ecovardis; ; Targets and Timelines; - Introduce cycle to work scheme in 2022; - Electric vehicle fleet transition scheme in 2022; - Ecovardis Gold 2023
• Covid-19 recovery:

  Covid-19 recovery

  Adare SEC is classed as a key business to the UK as we perform the provision of postal services and manage work for and on behalf of the UK Government. Our status as a critical supplier has ensured that our manufacturing operations have continued at our secure sites throughout the COVID-19 Pandemic situation, offering a resilient, uninterrupted service to all clients. ; ; The ongoing management of the COVID-19 situation is being treated as a BC incident, although there has been no disruption to service. We are continuing to implement strict safety measures to ensure colleagues can work on-site safely and our non-operations teams continue to work from home with success.; ; The health and wellbeing of all our colleagues along with protecting our business remains our top priority. Some of the steps we have taken to support the COVID-19 recovery are highlighted below:; ; • Home working - secure VPNs/systems have been provided, ensuring a secure, resilient service has continued. The key to our new way of working is to give greater flexibility and autonomy to our colleagues where the role allows, whilst maintaining a regular central point of physical collaboration at sites and ultimately deliver the business and client needs.; • Our COVID-19 task force made the decision to continue with face coverings in all our sites when moving between work bubbles. ; • One-way systems are in place, along with temperature monitoring. ; • Sanitation stations across all sites are supplemented by additional cleaning.; • We are aware of the strain the pandemic has placed on the mental wellbeing of our colleagues and their families. Our HR team has continued to provide support throughout by sending newsletters, communicating additional support mechanisms and being available on a one to one basis where necessary. All employees also have 24x7 access to an external, confidential helpline.
• Tackling economic inequality:

  Tackling economic inequality

  Our Supply; Our supply chain is conducive to a diverse range of suppliers. Where possible we identify suppliers in the community where the contract is performed.; Being able to understand and manage our supply chain risks help us gain the trust and confidence of our stakeholders and increase our competiveness, improving business practices across our organisation. ; Supplier Management We apply the same principles to our suppliers as our own company and our policies provide the framework that outline our responsible sourcing approach. ; Selection & Appointment We on-board vendors via documented process including considerations of due diligence, assessment of criticality, contingency planning, ethical trading, accreditation and assessment of performance and capability.; Performance & Monitoring Review meetings enable performance monitoring and Audits ensure ours and our suppliers operations comply with legal obligations and Ethical Supply Chain Policy. ; Our People; We are committed to diversity and ensure that new job opportunities are available to existing employees as well as outside applicants and that all employees are able to benefit from training, career development and promotion opportunities. ; We focus on improving the experience of our employees also our clients and stakeholders too. We endeavour to work with transparency across and remain committed to the monitoring and improvement of of our ‘people experience’ with attention to health & safety, working conditions, gender balance, modern slavery protocol, living wage amendments, and work life balance suggestions, we persistently seek enhanced ways to conduct business in a fair, honest and open manner.; As Living Wage Employers our employees benefit as does the overall health and success of our business. ; In the last 3 years, 56 employees have completed an apprenticeship scheme. We currently have 19 apprentice roles in our annual apprenticeship program covering areas including business improvement, team leading, HR, Customer Services, Engineering, IT and Accountancy amongst others.
• Equal opportunity:

  Equal opportunity

  The purpose of our Non-discrimination, Equal Opportunities and Disabled Employees' Policy is to demonstrate the Company's commitment to maintaining Non-Discriminatory HR procedures and practices in the workplace in accordance with the Codes of Practice for Employment as outlined by the Equality and Human Rights Commission.; ; The Company is an Equal Opportunities Employer and is committed to complying with the Human Rights Act 1998 and the Equality Act 2010. ; ; The purpose of the policy is to ensure that in line with this legislation equal opportunities are provided to all those in Adare SEC ’semployment, irrespective of their gender, race, ethnic origin, disability, age, nationality, national origin, sexuality, religion, hours of work, marital status, gender reassignment and social class. ; ; We oppose all forms of unlawful and unfair discrimination. All employees, whether part time, full time or temporary, will be treated fairly and equally. Selection for employment, promotion, training or any other benefit will be on the basis of aptitude and ability. All employees will be helped and encouraged to develop their full potential and the talents and resources of the workforce will be fully utilised to maximise the efficient operation of the organisation.; ; The Company will actively promote equal opportunities throughout the organisation through the application of employment policies, which will ensure that individuals receive treatment that is fair and equitable and consistent with their relevant aptitudes, potential skills and abilities. All managers and supervisors will seek to ensure that all employees comply with these principles
• Wellbeing:

  Wellbeing

  Adare SEC take the wellbeing of our workforce seriously and champion our business to be a “great place to work”. ; We have introduced working parties inclusive of colleagues across different functions and levels within the business to play a part the ongoing development plans. All employees have an annual appraisal during which further development is identified and objectives are set to address these in the coming year.; We employ people from all over the UK and have fully enabled remote working which allows us to employ people with relevant skills regardless of geography. ; ; As part of our People Strategy, we are committed to providing our employees with professional development opportunities. In the last 3 years, 56 employees have completed an apprenticeship scheme. Adare SEC currently has 19 apprentice roles as part of our annual apprenticeship program.; ; We operate an “Above and Beyond” Scheme linked to our values and every month anyone in the business can nominate any other person for an award. ; ; We also offer an Employee Assistance Programme through our wellbeing provider – LifeWorks. This is a totally confidential wellbeing platform that all colleagues can use for work and non-work related concerns. They provide convenient online access to a wealth of clinically-verified well-being resource that provide support on mental, physical, social, and financial well-being issues. This service provides our employees with 24/7 access to consultations and expert advisers with options for referrals to counselling and signposting connections to community help agencies. Employees can access the services themselves or be directed by their line manager or a member of HR. The service also offers discounts with major retailers.; Adare SEC have embedded ESG values throughout our business. Business activities that affect the environment, employees, customers, community and suppliers are monitored.

Pricing

• Price: £0.43 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@adaresec.com. Tell them what format you need. It will help if you say what assistive technology you use.