As simple as e-mail and as secure as postal mail.




Contents

- Stay up-to-date
- The advantages of De-Mail for individuals, businesses and government agencies
- Unencrypted, unprotected, unverified: what does that mean?
- Encrypted, protected, verified: what does that mean?
- De-Mail in detail: More protection for your data
- More security when logging in
- Verification and options for sending
- End-to-end encryption and electronic signature
- Government and private industry set the framework together; private industry operates De-Mail
- Support for government agencies and businesses introducing De-Mail
- Information on approval of De-Mail providers

Stay up-to-date

This brochure offers an update on the status of the De-Mail project.

You can find more information about De-Mail, including the De-Mail newsletter and answers to 70 frequently asked questions, provided by the Federal Ministry of the Interior at www.de-mail.de (in German only).

Individuals, businesses and public agencies that would like to use De-Mail services can find more information about De-Mail and about protecting their data and IT systems at www.bsi-fuer-buerger.de (in German).

Businesses and public agencies that would like to offer De-Mail services can find specialized information such as technical guidelines and the list of certified De-Mail inspection agencies and auditors at www.bsi.bund.de (in German).

Approved De-Mail providers offer information about their De-Mail products on their own websites. You can find a list of accredited De-Mail providers at www.bsi.bund.de (in German).

The advantages of De-Mail for individuals, businesses and government agencies

De-Mail allows you to send documents electronically that would otherwise require a regular mailing. This offers many advantages for individuals, businesses and government agencies:

- Unlike ordinary e-mail, De-Mail is encrypted. The identity of De-Mail senders and recipients can be verified, as can the delivery of a De-Mail message. That is important for both senders and recipients. Verification also helps fight Internet crime, since senders of spam or phishing messages can no longer remain anonymous.
- Individuals can take care of transactions with businesses and government agencies easily and conveniently wherever and whenever they like.
- Businesses and government agencies can process many transactions electronically from start to finish, even legal transactions requiring a documented date of receipt. In this way, De-Mail helps increase efficiency in the public and private sectors. It also saves money on paper and postage.

In short: De-Mail can save you time and money.

De-Mail is based on widely used e-mail technologies, so it can take advantage of existing interfaces without requiring a lot of additional effort.

You don't need any special skills to use De-Mail: it is as easy as e-mail. You can use Web applications very similar to widely used e-mail services without having to install any new hardware or software on your computer. You can also connect the e-mail infrastructure of your business or organization to De-Mail via a gateway, so you can continue using your existing e-mail client.

All De-Mail providers must meet the same high standards for IT security and data protection, so you can be sure that every De-Mail provider offers the same, verified level of security. You can also be sure that your De-Mail messages will reach their intended recipients. It makes no difference whether recipients have an account with a different De-Mail provider: The systems of all De-Mail providers are connected.

Unencrypted, unprotected, unverified: what does that mean?

In Germany, more than 95% of all e-mails are not encrypted. This means:

- Little effort is needed to intercept e-mails, read them like postcards and alter their content.
- Senders and recipients can never be entirely sure who they are communicating with.
- Senders never know for certain whether their messages reached the intended recipients and have no proof that they did.
- The volume of spam messages (unsolicited, mass e-mails from senders who are difficult or impossible to identify) has greatly expanded in recent years.
- Criminals are increasingly using phishing techniques to gain information needed to access e-mail accounts, typically for the purpose of identity theft.

Encrypted, protected, verified: what does that mean?

De-Mail messages have important security features that conventional e-mails lack:

- De-Mails cannot be intercepted and altered by third parties because they are always encrypted for transport via the Internet.
- Senders and recipients of De-Mails can always be identified because users have to verify their identity before they can open a De-Mail account.
- Users can request a proof of mailing and delivery for their De-Mail messages ("electronic registered mail").
- De-Mail prevents spam because senders are clearly identified.
- De-Mail fights phishing and identity theft because users can register by using a dually secure procedure.

With these security features, De-Mail helps users protect their personal data effectively.

De-Mail in detail: More protection for your data

De-Mail is an important tool to help you better protect your data and make them more secure, thanks to the following:

- Mandatory transport encryption: Unlike ordinary e-mail, all data you send are always encrypted as they travel via the Internet.
- Optional security components: De-Mail supports the use of additional security components such as end-to-end encryption and signatures.
- Strict requirements for De-Mail providers' technical and organizational security measures: The minimum standards for secure electronic communication are regulated by the De-Mail Act, which entered into force on 3 May 2011. The Act also ensures orderly procedures for checking the compliance of all De-Mail providers with these standards.
- Certified data protection: De-Mail providers must have a data protection certificate issued by the Federal Commissioner for Data Protection and Freedom of Information (BfDI) documenting that they have taken comprehensive measures to protect personal data.

With De-Mail, everyone can enjoy a high level of security and data protection for their electronic communications.

De-Mail in detail: More security when logging in

There are two ways to log into your De-Mail account:

- For the regular level of security, you can log in with your username and password, just as for an ordinary e-mail account. This is usually referred to as "authentication through something you know".
- For log-ins with extra security, you will need your username, password and a token, such as Germany's new digital national identity card, a signature card or other approved procedure based on a USB stick or mobile telephone (such as mTAN, in which an SMS containing a randomly generated combination of numbers is sent to your mobile telephone for you to use to log in to your De-Mail account). Log-in requiring a token is known as two-factor authentication using "something you know and something you have".

De-Mail providers must offer at least two log-in procedures with extra security, including the procedure with the new national identity card. You can decide which token to use for secure log-ins to your De-Mail account.

The extra level of security is by law the default setting for accessing De-Mail accounts. Most De-Mail sending options will require log-ins with extra security. Upon request, your De-Mail provider can let you access your account by using only your username and password. In this case, you will only be able to use the basic De-Mail functions.

De-Mail in detail: Verification and options for sending

If no additional sending options have been selected, standard De-Mail messages are always encrypted. Both the message (text and attachments) and header data (sender's/recipient's address, time sent, etc.) are encrypted and protected against eavesdropping and alteration by third parties. Both the sender and recipient are clearly identified. Even a standard De-Mail message has a highly binding nature and can be used in a variety of situations.

In addition to the standard De-Mail, users may choose one or more of the following options:

- Sending confirmation: The De-Mail provider issues the sender confirmation with a qualified electronic signature that the message has been sent.
- Sending confirmation with a high authentication level: The sender's De-Mail provider issues both sender and recipient confirmation with a qualified electronic signature that the sender was logged in with a high level of authentication when he or she sent the De-Mail message.
- Delivery confirmation: When the De-Mail message has been delivered to the recipient's mailbox, the recipient's De-Mail provider gives both the sender and the recipient a delivery confirmation with a qualified electronic signature.

In all three cases, the signature of the De-Mail provider includes the entire message content (text and attachments) and header data (sender's and recipient's address, time sent, etc.). This gives you reliable documentation of your electronically transmitted message.

For messages requiring especially confidential treatment, you can select an additional security option:

- Personal: The sender determines that the recipient can read the message only if he or she is logged in with a high level of authentication.

You can combine the various sending options and confirmations in different ways depending on the purpose or content of your De-Mail message.

De-Mail in detail: End-to-end encryption and electronic signature

If you want to use additional security components, you can sign your message with a qualified electronic signature or send it with end-to-end encryption. De-Mail providers are required to offer a directory service where the public keys or encryption certificates needed for encryption can be stored. This makes it much easier to use end-to-end encryption.

Government and industry set the framework together; industry operates De-Mail

The government only creates the framework, in close consultation with private industry, for secure De-Mail communication on the Internet; companies are responsible for implementing De-Mail by creating specific products that comply with this framework.

The Federal Government and private industry worked together to define the basic requirements for security, functionality and interoperability in the form of technical guidelines. An accreditation procedure regulated by law is used to check whether De-Mail providers meet these guidelines.

De-Mail services are provided by competing companies, which can offer additional services based on the standard framework in order to distinguish themselves from their competitors. In this way, De-Mail serves as the foundation for secure electronic communication while ensuring nationwide coverage and encouraging competition.

You can recognize approved De-Mail providers by this seal, awarded by the Federal Office for Information Security:

Support for government agencies and businesses introducing De-Mail

In 2011, the De-Mail Competence Centre helped numerous federal, state and local government agencies as well as companies connect to De-Mail and integrate it into their existing processes. The De-Mail Competence Centre was set up by the Federal Ministry of the Interior with funds from the IT investment programme.

As part of its advisory efforts, the De-Mail Competence Centre has created concepts including organizational, economic and technical priorities as well as a catalogue of standard De-Mail use scenarios. It also created sample procedures and best practices for identifying and selecting use scenarios. Further results include economic analyses, adaptations of processes and specialized applications, procedures for technical integration and for necessary adjustments to standard software applications when introducing De-Mail.

Companies and government agencies that want to start using De-Mail can use both the outlines and the results derived from advisory projects on their own. The Competence Centre's conclusions on De-Mail in German public administration are published at www.de-mail.de.

Information on the approval of De-Mail providers

No matter which De-Mail provider you choose, you can be certain that De-Mail ensures a uniform, verified level of security. This is guaranteed by the De-Mail Act: All De-Mail providers are checked for compliance with uniform criteria using a transparent procedure. This is important for creating trust in the security and quality of De-Mail services.

De-Mail providers must document compliance in the following areas:

- Security, functionality and interoperability: checked by the Federal Office for Information Security (BSI). The current criteria for approval are published at www.bsi.bund.de.
- Data protection: checked by the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The current criteria for approval are published at www.bfdi.bund.de.

If you would like to become a De-Mail provider, please contact de-mail@bsi.bund.de.

Contact

Federal Ministry of the Interior
IT Staff Unit, Division IT 4
Alt-Moabit 101 D
10559 Berlin, Germany
Tel.: +49 (0) 30 18681-0
E-mail: demail@bmi.bund.de