PostboxNow Data Protection

Safe and Secure

Data security measures

We are ISO27001, ISO14001 and ISO9001 accredited along side Cyber essentials. This ensures our systems for information security, environmental and quality are managed to a high certified standard.

 

In addition to our processing and operational measures we have in place our Hybrid Mail system has gone through a rigorous technical due diligence process completed by Cloud Origin.

Architecture and development process

Our hybrid mail solution utilises an AWS system for hardware requirements which includes:

  • IAM

  • Encrypted RDS databases

  • IP access controlled S3/Glaicer file storage (UK geographically located)

  • Encrypted databases and file backups stored on AWS Ireland Instances.

 

Our SSL secures all file transfers. We support our AWS security standards by leveraging with their compliance mechanisms.

 

  • By design account data is logically compartmentalised. Ensuring end users can only see data from their own account. Even PDF’s are never directly exposed but alternatively they see a temporary file image instead.

  • As part of our systems standard testing fortnightly develop cycles with pre-deployment vulnerability is in place.

  • Cloud applications and Servers are patched weekly where required.

Still need help?

 

Penetration testing

Routine pen testing is conducted.

User access control

Industry standard user access controls are implemented with PostboxNow

User password complexity

All user passwords require 1 number and 8 characters which Kaspersky has reported that it would take around 12 days to be bruteforced with a home computer.

Data retention periods

Our data retention periods can be altered to varied account requirements. Client uploads are held for a maximum of 365 days before being securely wiped using a DoD 5220.22-M algorithm.

Transferring Data

When data is transferred between end-users and PostboxNow our SSL certificates; that use RSA4096 and 2048 but keys, ensure all communication is encrypted.

Handling returns

All returns will be sent directly to Eight Days a Week Print Solutions by Royal Mail.

 

The 2D barcode on the front of every mailing will be scanned into the system. Any returned mail you have sent can be seen in your returned mail folder.

 

Once mail has been flagged at returned, the physical mail piece will be securely destroyed in line with ISO 2700.