CESG CPA Foundation Grade certified email encryption: Egress Switch product update
London – February 2014 – Following formal certification in October 2013, Egress Software Technologies is pleased to report that the detailed Security Procedures documentation is now available for review on the CESG website (www.cesg.gov.uk/servicecatalogue/Product-Assurance/CPA/Pages/CPA-certified-products.aspx). Egress Switch is the only email encryption product certified by CESG’s Commercial Product Assurance scheme, which certifies commercial security products for use by UK government and the wider public sector.
Switch has been successfully verified against Gateway and Desktop Email Encryption Security Characteristics at Foundation Grade, which makes it suitable for sharing OFFICIAL and OFFICIAL SENSITIVE data (under the new Government Classification Policy) over the internet, without the need to manage external third party credentials.
What does this mean for you?
Whether you are a public or private sector organisation, by selecting a CPA certified email encryption product, you can have confidence that it has been independently certified by the UK National Technical Authority for Information Assurance, is fit for purpose, and is capable of protecting your organisation and the data you share from external threats.
Gateway email encryption – external information sharing use case
Increasingly, organisations are required to share sensitive data electronically with partners, supply chain, customers and the ‘third sector’ outside of existing accredited networks.
Switch enables users to share information securely with external third parties, regardless of the network they are on. Deployed at the gateway, Switch integrates with existing email / content scanners, archiving and case management software so that encrypted information entering or leaving the corporate network can be comprehensively scanned and stored in line with business policy. In addition, gateway deployment enables business administrators to centrally manage policies and email routing, meaning users do not have to worry what level of protection is required when sending sensitive information to multiple domains.
Desktop email encryption – internal information sharing use case
For information that needs to be shared securely within an organisation’s network, users can deploy Switch at the desktop. This means that emailed data is encrypted as soon as it leaves an end-user’s device, securing information throughout its lifecycle. As with gateway deployment, Switch also provides a full audit trail and comprehensive reporting, as well as the ability for senders to revoke access to shared information.
A CESG spokesperson commented: “We congratulate Egress on their achievement. Egress’ innovative technology and commitment to demonstrating that it meets CESG’s standards mean that the end-user has confidence that they are selecting an email encryption product that has been approved by CESG and is capable of protecting their organisation and the data they share from external threats.”
Tony Pepper, CEO of Egress Software Technologies, explains: “At Egress, we recognise the challenge that organisations in the Public Sector face when trying to share sensitive information with external third parties. While existing networks and systems such as GCSX, PNN, NHSmail and CJSM offer transport layer security when communicating across Government, in many cases sensitive information is not being afforded appropriate levels of protection when shared outside Government to external delivery partners, citizens and third sector businesses.”
“Working closely with the team at CESG, we have looked to tackle this information sharing challenge head on by offering customers real solutions to real problems. As such, this certification makes Switch the only CESG CPA approved product for sharing OFFICIAL Tier information across and outside Government,” continues Pepper. “In doing so, we are now able to provide an encryption platform that enables public sector organisations to improve efficiency and enhance the services they provide to the wider public, while delivering end-to-end information assurance throughout the lifecycle of shared information.”
To view the detailed Security Procedures documentation relating to Switch’s formal certification, visitwww.cesg.gov.uk/servicecatalogue/Product-Assurance/CPA/Pages/CPA-certified-products.aspx.
For more information, contact Rebecca Bailey – Marketing and Communications, Egress Software Technologies:
Tel: 0207 624 8500
About Egress Software Technologies
Egress Software Technologies is the leading provider of email and file encryption software, offering innovative on-demand data security to enable organisations and individuals in the Public and Private Sectors to share confidential information with third parties.
Combining on-premise and hosted cloud infrastructure with patented key management, Egress Switch provides a unique community-based licensing model called the Egress Trust Network. The Network is made up of paying and free Egress Switch subscribers, who are able to share information securely with one another using a single global identity. Delivered as a fully managed service, the Trust Network has grown virally to over one million members.
Used by organisations around the world, integrated desktop and mobile applications ensure easy-to-use software, designed to aid compliance and streamline user workflow.
CESG is the Information Security arm of GCHQ and is based in Cheltenham, Gloucestershire, UK. It is the UK Government’s National Technical Authority for IA, responsible for enabling secure and trusted knowledge sharing to help its customers achieve their business aims.
CESG uses its deep technical expertise to provide its customers with insights into information risks and mitigations, enabling customers to reduce both the risks to, and impacts on, their information and information-based systems.
For more information on CESG, please visit www.cesg.gov.uk.