At Egress, we constantly strive to provide the highest levels of security and product excellence to our customers. This technical focus has seen the Egress platform achieve an unmatched number of product certifications and accreditations. At Egress, we constantly strive to provide the highest levels of security and product excellence to our customers. This technical focus has seen the Egress platform achieve an unmatched number of product certifications and accreditations.

The only email encryption product to achieve UK Government CPA certification

Egress Protect remains the only UK Government CPA Foundation Grade certified email encryption product. This makes Protect suitable for sharing OFFICIAL and OFFICIAL-SENSITIVE under the Government Security Classifications Policy (GSCP). As a result, Protect can be used across the Public Sector to process and share highly sensitive data over the internet, without the need to manage external third party credentials.

NATO Information Assurance

Egress Protect features in the NIAPC amongst its endorsed IA products as suitable for NATO Restricted.

The NIAPC established under Directive AC/322-D(2010)0042 (22-09-2010), provides NATO nations, and NATO civil and military bodies with a catalogue of Information Assurance (IA) products, Protection Profiles and Packages that are in use or available for procurement to meet operational requirements.

Cyber Essentials and Cyber Essentials Plus certification

The Cyber Essentials scheme has been developed by Government and industry to fulfill two functions. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet-based threats, within the context of the Government’s 10 Steps to Cyber Security.

Common Criteria (‘In Evaluation’)

One of the highest international standards for data security, Protect is currently ‘In Evaluation’ against Evaluation Assurance Level 2 (EAL2). Full certification is expected in early 2017.Common Criteriais a framework in which computer system users can specify their security functional and assurance requirements (SFRs and SARs respectively) through the use of Protection Profiles (PPs), vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they actually meet the claims. Common Criteria is used as the basis for a Government driven certification scheme and typically evaluations are conducted for the use of Federal Government agencies and critical infrastructure.

ISO 27001:2013

The ISO standard is the recognised international benchmark for information security management, outlining how to implement and uphold an independently assessed and certified information security management system (ISMS). Egress was one of the first organisations to achieve the ISO 27001:2013 standard demonstrating our commitment to providing customers with the necessary levels of assurance regarding the way their information is managed and secured. Egress information security management system includes policies around access control, incident management, business continuity, physical security, human resources and technical procedures.