PUR1308/11. Pre-qualification Questionnaire (PQQ) ------------------------------------------------------------



Similar documents
PUR1311/19. Request for Information (RFI) Provision of an Enterprise Service Bus. to the. European Bank for Reconstruction and Development

Request for Proposal (RFP) PUR1412/19

Secure Frequently Asked Questions

TEAL: Transparent Archiving Library

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual

Secur User Guide

BUILT FOR YOU. Contents. Cloudmore Exchange

CFT Provision of a common data transmission system. Questions/Responses

Secure User Guide

RightsWATCH. Data-centric Security.

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX


Data Encryption Policy

Policy Based Encryption Z. Administrator Guide

BlackBerry Enterprise Service 10. Version: Configuration Guide

Service Schedule for BT Business Lite Web Hosting and Business Lite powered by Microsoft Office 365

Policy Based Encryption E. Administrator Guide

Policy Based Encryption E. Administrator Guide

PGP Product Update Juha Ropponen

Chapter 10 Encryption Service

The following Protective Markings are classified as Dissemination Limiting Markers (DLM).

New Security Features

Secure Web Service - Hybrid. Policy Server Setup. Release Manual Version 1.01

OpenText Secure MFT Network and Firewall Requirements

1 Product. Open Text is the leading fax server vendor in the world. *

BlackBerry 10.3 Work and Personal Corporate

Technical White Paper BlackBerry Enterprise Server

Implementing Transparent Security for Desktop Encryption Users

VODAFONE G-CLOUD SMS-SERVICE

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Unifying Information Security. Implementing Encryption on the CLEARSWIFT SECURE Gateway

CIPHERMAIL ENCRYPTION. CipherMail white paper

RISQS FAQs. About RISQS. services provided by

Frequently Asked Questions. Frequently Asked Questions SSLPost Page 1 of 31 support@sslpost.com

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Configuration Guide BES12. Version 12.2

Using Voltage Secur

Request for Pre- Qualification

Use of Exchange Mail and Diary Service Code of Practice

DJIGZO ENCRYPTION. Djigzo white paper

Barracuda Spam&Virus Firewall v5.1 a Web Filter v5.0 Nové funkce, pluginy a uživatelská vylepšení. Jiří Blažek, Product Manager

Achieve more with less

Configuration Guide BES12. Version 12.1

Mobile Access Software Blade

RCS - Overview. Rich Communication Suite

VAULTIVE & MICROSOFT: COMPLEMENTARY ENCRYPTION SOLUTIONS. White Paper

Policy Based Encryption Essentials. Administrator Guide

Architecture for ACSI33 security requirements. Implementation using janusseal and Clearswift MIMEsweeper

April PGP White Paper. PGP Universal 2.0 Technical Overview

MDaemon Vs. Microsoft Exchange Server 2013 Standard

Feature Comparison. Help Desk. Ticket Management. to Ticket. Fully Customizable User Interface. Escalation Rules.

How to use Certificate in Outlook Express

A Winning Combination!!

GETTING STARTED SECURE FILE TRANSFER PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures

Boundary Encryption.cloud Deployment Process Overview

The GlobalCerts TM Secur Gateway TM

System to System Interface Guide

Government of Canada Managed Security Service (GCMSS) Annex A-5: Statement of Work - Antispam

Service Schedule for Business Lite powered by Microsoft Office 365

Ensuring the security of your mobile business intelligence

Political Aspects of the Mandate of the European Bank for Reconstruction and Development

Enterprise File Share and Sync Fabric. Feature Briefing

How to use Certificate in Microsoft Outlook

Sophos Mobile Control Administrator guide. Product version: 3

Configuration Guide. BES12 Cloud

Service Launch Guide (US Customer) SEG Filtering

Options for encrypted communication with AUDI AG Version of: 31 May 2011

Setting up Microsoft Office 365

Barracuda Security Service User Guide

SPAMfighter Exchange Module

Secure audited file sharing

PrivaSphere Gateway Certificate Authority (GW CA)

Security Solutions

Transport Layer Security (TLS) About TLS

Advanced Administration

Configuration Guide BES12. Version 12.3

Feature and Technical

Setting up Microsoft Office 365

Mimecast Large File Send

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

CCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY

Dispatch: A Unique Security Solution

Optus SMS for MS Outlook and Lotus Notes

PUR1308/12 - Service Management Tool Minimum Requirements

Version Listed below are the detailed features in GoAnywhere Services shown with all the licensed options.

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

BYOD Guidance: BlackBerry Secure Work Space

EXAM - ST Symantec PGP Universal Server 3.2 Technical Assessment. Buy Full Product.

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

Djigzo encryption. Djigzo white paper

Policy Based Encryption Gateway. Administration Guide

Migration Project Plan for Cisco Cloud Security

HMRC Secure Electronic Transfer (SET)

Transcription:

PUR1308/11 Pre-qualification Questionnaire (PQQ) ------------------------------------------------------------ Provision of E-Mail and File Encryption Technologies ------------------------------------------------------------

1.0 INTRODUCTION The European Bank for Reconstruction and Development (the "EBRD") is an international financial institution. The EBRD was established by treaty in 1990 to foster the transition towards open market oriented economies and to promote private and entrepreneurial initiatives in Central and Eastern Europe, the Baltic States and the Commonwealth of Independent States that are committed to and applying the principles of multiparty democracy, pluralism and market economics. The EBRD has 63 members (61 countries, the European Community and the European Investment Bank). Further information about the EBRD's roles and activities can be found on the EBRD's website: www.ebrd.com. 2.0 OBJECTIVE OF THIS PQQ The objective of this PQQ is to obtain responses to the attached questionnaire from suppliers of encryption software. Responses will be evaluated in order to qualify suppliers to participate in a tender. Only suppliers who answer yes to all of these questions will be deemed qualified for the subsequent tender. 3.0 EBRD CONTACT DETAILS Your sole contact for the purposes of the PQQ is: Tanya Lucas Manager Corporate Procurement Unit EBRD One Exchange Square London EC2A 2JN Email: lucasta@ebrd.com

Mandatory Functional Requirements Y/N Comments Outbound Encryption of E-Mails and Attachments Does the solution allow encryption of e-mails and attachments? Does the solution have the ability to secure unstructured data (i.e. body text in an email)? Does the solution have the ability to apply and read classifications applied to e-mail messages/attachments and thereafter automatically encrypt said e- mail/attachment? Does the solution have the ability to route and split messages based on domain, information classification, and recipient, and also create a whitelist of domains that enforces encryption? Does the solution have the ability to control access to the data and set permissions regarding revocation of recipient access even after the e-mail has been sent? Does the solution have the ability for Bank User s to manage their sent items via a web-portal (using their mobile device if required), changing, adding restrictions etc? Does the solution have the ability to audit sender and recipient activity including showing when a file/attachment is opened by the recipient? Inbound Encryption of E-Mails and Attachments Does the solution have the ability to encrypt inbound e-mail based on predefined criteria?

Inbound Decryption at Gateway and Locally (on desktop, laptop etc) Does the solution have the ability to automatically decrypt incoming messages on behalf of the recipient whilst also having the ability for messages to be decrypted locally by the authorised recipient? Integration with IC Automation Software Does the solution integrate with Information Classification Automation solutions/software, with the encryption solution having the ability to perform functions such as automated encryption based on classification levels? Usability for partners/organisations receiving e-mails/documents from the Bank Does the solution allow Bank clients and partners to send or receive emails and attachments securely with the Bank at no cost to them? BYOD Does the solution support secure email/file exchange between Users accessing from mobile devices? (Mobile phones, tablet devices etc.) Does the solution allow sending, receiving, reading, editing, decrypting data on mobile devices? Mandatory Technical Requirements Y/N Comments Architecture The encryption server (and all encrypted data) must be located on the Bank s infrastructure. Does the solution allow for this requirement? Hosted server solution must be run on Windows or Redhat with SQL server or Oracle database. Does the solution allow for this requirement? File/e-mail encryption should occur on the secure server and not locally on the user s device (e.g. desktop, laptop, mobile device etc). Does the solution allow for this requirement?

Solution should be able to provide controls over local encryption where users are unable to encrypt files and save to their personal drives, network shares etc. If required, solution should allow local encryption for certain groups, individuals with control over this functionality held with administrators. Does the solution allow for this requirement? Infrastructure Integration Does the solution allow integration with EBRD s Internet server protocols (FTP/FTPS, HTTP/HTTPS) to enable users to upload files to the Internet or to local secure servers? Is the solution compatible with EBRD infrastructure standards (e.g. LDAP Compliance, Active Directory, Exchange 2003 or above, Outlook 2000 or above)? Is the solution compatible with Blackberry Enterprise Server (BES)? Does the solution have the ability to give the User control as to whether a recipient is able to forward, download or copy mails or attachments? Does the solution have the ability to stop the forwarding of e-mails and attachments by the recipient? Key Management Does the solution allow, if required by the Bank, for encryption keys to be stored and managed by Bank IT? Management Does the solution provide a central management facility? Data Access Does the solution provide control over data location, i.e. recipient access to data should be through the designated servers with no data residing on the recipient s computer, laptop etc? Third Party/Client Access Please confirm that the solution does not require installation of any software by the recipient (i.e. client or third party receiving e-mail and/or attachment from an EBRD User)?

Please confirm that there no costs for the recipient when accessing an encrypted e-mail and/or attachment? Sent Item Management Does the solution have the ability to manage sent items, i.e. allowing for access to sent items (access permissions) to be amended? (This should include management of encrypted e-mails and files via web-portal and including on mobile devices)