• No results found

External Communication to Third Parties

N/A
N/A
Protected

Academic year: 2021

Share "External Communication to Third Parties"

Copied!
5
0
0

Loading.... (view fulltext now)

Full text

(1)

External Communication to Third Parties

Egress Software Technologies Ltd Unit 16 Quadrant Business Center, 135 Salusbury Road, London, NW6 6RJ T: +44 (0)20 7624 8500 / F: +44 (0)20 7624 8200 / E: info@egress.com

(2)

2

External Communication to Third Parties

Egress do recommend that you make your clients and partners aware of the new measures and/or procedures your organisation is going to adopt when sharing confidential information – and more importantly, what clients will need to do in order to access encrypted information.

The following processes include:

• Distribute notification or announcement via email to send to customers and clients.

• Provide support material such as online resources, web tutorials, online videos and user guides.

• Provide additional support material e.g. Recipient Quick Start Guide for recipients that wish to send encrypted data back to your users - Covers the full range of information that will be required by the end-user to operate and use Egress Switch.

• Arrange on-site Egress Switch workshop - The purpose of the workshop is to provide an overview of Egress Switch and Q&A session to key clients and third-parties. This will provide awareness of the product's usage and why.

Some example email notification templates are shown as follows (please note the text is normally placed inside a company branded email/letter):

(3)

3

Sample 1 - External Notification Email

Dear X

On the 6th April 2010 the Information Commissioners Office (ICO), who are responsible for ensuring the Data Protection Act in the UK is adhered to, have had their powers extended and the maximum fine for a data breach has been increased from £5,000 to £500,000.

In a statement released, the ICO have further clarified one area which has relevance to the way we exchange information between us;

"The loss of personal data transferred in an unencrypted form will be treated as a serious breach and enforcement action will be taken".

The relationship that we have with you is extremely important to us, and whilst the risk of the loss of data is extremely small it is something that we take very seriously. As a result of these

announcements, from the [insert date] we will now only exchange (send to you) sensitive data in an encrypted form using software from Egress Software Technologies.

In order for you to un-encrypt the message or information, you will not be required to install any software onto your PC, but you will need to set up an account at Egress.

The benefit of us introducing this software to you is that you can download from the website a full copy of the software at no charge allowing you to send unlimited encrypted emails back to us totally free.

By encrypting the information you send to us you will also be meeting your legal obligations under the Data Protection Act in your capacity as Data Controller.

Egress Switch is very simple to install and use, so please do not hesitate to contact them in the first instance. Alternatively please come direct to either myself or [enter contact here] who would be happy to help and answer any questions you may have, we can both be reached on: xxx-xxxx-xxxx

Yours sincerely,

(4)

4

Sample 2 – External Notification Email

Dear X

[COMPANY NAME] take information security seriously. Client data and client confidentiality is at the heart of everything we do and with the ever increasing media reports of the increase in online fraud and data loss in the UK, we have reviewed our own approach to information security.

We have decided to introduce some new simple and free to use data encryption measures which will ensure the transfer of electronic data between you and us is now even more secure. It will help us both comply with legal and professional regulations and puts [COMPANY NAME] firmly at the forefront of best practice amongst accountants.

No business can afford to ignore the financial and legal consequences of a breach in the security of the information it keeps, nor the impact upon its reputation amongst customers, suppliers,

employees and the wider business community. The Information Commissioners Office has a wide range of powers at its disposal to enforce the Data Protection Act 1998. These range from assessments and enforcement notices through to fines up to £500,000.

Although the Act concerns itself primarily with the protection of personal data, as part of our on-going review of our information security arrangements, [COMPANY NAME] is now using encryption software to protect commercially sensitive client information as well as personal data. We are also encrypting personal or commercially sensitive client data where it is occasionally necessary to store it on portable devices such as laptops, CD/DVDs and USB keys or when transferring it using FTP sites.

We have chosen a solution called Egress Switch because:-

• It’s free - you can receive encrypted emails from us and send encrypted emails back to us

for free.

• It’s incredibly easy to use – anyone can download it and it’s as easy to use as opening a

file.

• It’s incredibly easy to download – you don’t need admin rights and it works on a wide

range of platforms.

• You can control access – through policies, time-outs, revocations and other methods for

even greater control.

• You can encrypt data before storing it on portable devices – so your data is secure if you

lose a USB stick.

• Quick to deploy and low cost – when you are ready to encrypt your own data.

This FREE solution will help us both take effective measures to secure your information. Its common sense and we hope it becomes a standard in use by all businesses.

Yours sincerely,

(5)

5

Sample 3 – External Notification Email

Dear X

As your <accountants, legal firm, etc> we take the security and confidentiality of our client’s data extremely seriously.

From the 6th April 2010, the Information Commissioners Office (ICO) has increased powers including the ability to levy fines of up to £500,000. As such, we have decided to introduce data encryption measures in accordance with the latest recommendations from the ICO which will ensure the protection of confidential information sent by email, CD/DVD, or uploaded to FTP/Cloud servers.

This new service will ensure that we both comply with the legal and regulatory requirements when exchanging commercially confidential and / or personal information as defined by the Data

Protection Act. More importantly, this service is available to you at no cost as we have arranged with our supplier, Egress Software, that you may encrypt email messages and attachments with no limitations to size or frequency when sharing information with <INSERT COMPANY NAME>.

For more information explaining how to use the software please refer to the attached document. Additionally, if you have any questions or require assistance getting set up please contact<INSERT CONTACT DETAILS>

Yours sincerely,

References

Related documents

County community worshiping our church often referred to as trinitarian theology degree from a social teaching.. Buildings dedicated to god is often referred our site design your

• Determine what makes designing for contact centers different from a more typical user- centered design process (e.g. for websites or applications).. • Understand how to approach

In this study, it is aimed to develop the Science Education Peer Comparison Scale (SEPCS) in order to measure the comparison of Science Education students'

The the diastolic blood pressure (the bottom number) indicates how much pressure your blood is exerting against your artery walls while the heart is resting between beats.* A

• Continue to use TV as our core branding media • Use print to support campaign and

Given that Ministers already have to satisfy themselves that the land is eligible land, (i.e. abandoned or neglected), and that purchase by the community body is

ally illustrate how VLANs restrict forwarding to use safe paths in a transitional network, we first consider a straightforward, yet impractical scheme: For every pair of SDN

In the original reservoir model, since the well geometries and well control patterns are not very complex, low load imbalance is obtained for parallel simulation based on the four