SSLPost is designed to be system and platform independent; we are currently deployed nationally and internationally in a range of regulatory markets, where accuracy, speed, availability, security and non-repudiable transactional audit trails are a requirement. Our solution combines secure email and secure file transfer into a single application environment. Traditional encrypted email systems have been difficult to use; SSLPost is easy and natural for users operating on web and mobile platforms.

Most file transfer systems have limited affordable capacity, utilise insecure synchronisation folders and have a low level of data-at-rest security. SSLPost uniquely encrypts every file transfer end to end, which combines with the audit and track/trace to provide a common workflow process control. A lateral feature is that we are very good at large file transfer (up to and beyond 100GB). Many modern commercial e-communication processes insist on guaranteed privacy, include large file attachments and require non-repudiable audit trails and access controls. There is now a clear desire for government and corporations to move away from free-to-use, US-hosted public cloud systems and provide controlled environments consistent with meeting user data security concerns.

SECUREDD is working on 5 aspects:

Confidentiality: Protecting content from unauthorised access

Authorisation: Assigning permissions to the user working with the document

Integrity: Detecting unintentional or malicious document alteration

Authenticity: Proving that the document comes from the true sender

Non-repudiation: Preventing senders and recipients from refuting delivery and receipt respectively

Authentication Methods

Organizations may want to implement different methods to enforce stronger authentication policy requirements. In addition to the standard PIN options, you can therefore choose optional authentication services that provide alternative forms of authentication and minimize the risk from weak passwords. These include:

Password policy enforcement: Requires user passwords to conform to minimum standards for length, diversity of characters, expiration, or failed login attempts.

Multi-factor authentication: The authentication service requires the user to provide information based on something they have, such as a one-time password token or X.509 certificate, and something they know, such as a password.

External authentication means: Fingerprint, biometric authentication options, Swivel, DigiD, GOV.UK Verify and many others.

Hosting

The SECUREDD services run in top datacenters in different countries, ensuring 24/7 99,999% availability. This allows data to be stored within its country of origin when that is mandatory.

ISO 27001

We are delighted to report that once again SECUREDD and SSLP Group have received a clean bill of security health in the annual ISO27001:2013 audit. The audit, carried out by external auditors TCG, closely inspects all security policies, processes and procedures to ensure that the company is following accepted guidelines in maintaining the best possible data security in all aspects of its operations. The audit can highlight non-conformances in protocol and issue recommendations for improvement. However, there were none to report and the auditor was delighted with the Information Security Management Systems in place. Proof of compliance with the policies is one essential standard within the extensive and detailed framework, and SECUREDD and SSLP Group reached and exceeded these standards.

Encryption

Sensitive customer data in transit is sent via secure HTTPS. SECUREDD Secure eMail never holds customer data unless expressly commissioned to do so, and the data is always encrypted using SECUREDD technology. All data is encrypted on the fly and forwarded to the recipient(s). No content is retained on the SECUREDD servers unless agreed upon with our clients. With the SECUREDD eSafe we store sensitive files and (personal) information. This data is secured by encrypting each file and field individually. We do not store passwords – only a salted hash computed using PBKDF2 with 36000 iterations.

Communication between servers, where customer data is passed, is encrypted with SSL/TLS, using only CESG-recommended ciphers. By the end of 2018, following PCI standards, TLS 1.0 will be disallowed.