21 November 2019
myroyalmail is updated daily

Share information securely

Check out our top tips and 'How To' guides to help prevent data going to the dark side and ensure it is shared securely

Think Secure 

 

Sharing the information you’ve created? Remember these top tips:

  • Share information securely with only those who are authorised to see it
  • Send information securely using Royal Mail Group’s security tools - such as restricted access SharePoint sites, Mimecast, or MOVEit
  • Be mindful of where you share, how you share and with who you share information with verbally, electronically or physically.

We create information so that those who have a legitimate need for it can use it or view it. However, inappropriate sharing of information poses a significant risk to Royal Mail and yourself, leaving it vulnerable to theft, loss, unlawful disclosure or misuse. Understanding how to share information in a way that keeps it protected prevents it from falling into the wrong hands.

Let’s look at our top tips in more detail to prevent data going to the dark side.

Use SharePoint where possible to share information

SharePoint is our designated document repository which allows us to securely store and share files internally, and collaborate on documents together. It is restricted to the Royal Mail Group network and can be set up so only those who are authorised to see or edit it, can do so.

If you have uploaded some documents onto your team SharePoint site and you would like team members to review it, send them the URL. This will help to prevent multiple versions of a document sitting in people’s inboxes out of your control.

Click here for a step-by-step guide on how to share information securely using SharePoint.

What about using Gmail or Dropbox to share information?

Such technologies may seem like the easy go-to solutions, but they are not adequately protected and are regularly targeted by hackers, which is why we strictly prohibit themas a method for sharing information.

  • Remember to always use Royal Mail Group-approved technologies to share information securely
  • Ensure emails are appropriately marked as [confidential] or [strictly confidential] before sending - both internally and externally. Set up your signatures today
  • Remember, all Royal Mail Group-specific information should be classified according to our information security classifications
  • Adding the protective mark in the subject heading (particularly for confidential and strictly confidential emails) will point out how sensitive the content is and how you and others should handle it.

Sharing information via email with colleagues

Emails sent between Royal Mail Group colleagues are automatically secured for transfer due to the underlying security controls built into the network. Additional security controls, such as using a password to protect attachments, should be used so that only the intended recipients can view the content.

What about sharing information via email externally?

If the information you need to share via email is confidential, such as a business report, a commercially sensitive project update or personal data like an attendance sheet, you must ensure it is protected on the move by adding the tag [CONFIDENTIAL] to the subject line, body of the email or your signature. This will ensure the email is encrypted in transfer.

If the information you need to share is strictly confidential, such as a strategic board paper, a collection of payslips, an acquisition report, access must be restricted to only those who are authorised and have a genuine need to know. You must ensure it is protected on the move and at rest by adding the tag [STRICTLY CONFIDENTIAL] to the subject line, body of the email or your signature. This will ensure the email is encrypted in transfer and when at rest.

Remember to never forward work emails to your personal email account. Click here for more information on sharing emails securely. 

Use MOVEit when your information is too big to share

If you have a file containing sensitive information which is too large to send via email to a Royal Mail Group-approved and trusted third party supplier - what is the best way for you to send that information?

You can share large files up to 2GB, by using MOVEit, managed file transfer software, which encrypts files and uses secure file transfer protocols to transfer them. Click here for a step-by-step guide on how to use MOVEit. 

Sharing information verbally

Click here if you are concerned about keeping the information you share via conference calls and face-to-face meetings, confidential.

How to share sensitive paper records (confidential/strictly confidential)

If you are sending paper records by post you will need to ensure that the information is sent securely using either ‘Royal Mail Tracked’ for confidential information or ‘Royal Mail Special Delivery’ for strictly confidential content, in-line with our information security policies.

Click here for more on sharing your information securely.